结合查询标记化和自适应方法防止SQL注入攻击的安全web应用程序

2014 International Conference on Computer, Communications, and Control Technology (I4CT) Pub Date : 2014-10-02 DOI:10.1109/I4CT.2014.6914229

Noor Ashitah Abu Othman, Fakariah Hani Mohd Ali, Mashyum Binti Mohd Noh

{"title":"结合查询标记化和自适应方法防止SQL注入攻击的安全web应用程序","authors":"Noor Ashitah Abu Othman, Fakariah Hani Mohd Ali, Mashyum Binti Mohd Noh","doi":"10.1109/I4CT.2014.6914229","DOIUrl":null,"url":null,"abstract":"SQL Injection Attacks (SQLIAs) become a major issue nowadays which open opportunities for unrestricted access to the database that underlie web applications. The purpose of this research is to develop a multi-level prevention techniques in order to cater the SQLIAs. The proposed prevention technique combines Query Tokenization and Adaptive Method that will be implemented on multiple platforms that using asp.net programming language. This technique was tested using 5 test cases to ensure it effectiveness. The outcome of this project is frameworks of prevention technique that can be used for other developer to make sure their web application being secured and avoid the hackers exploit the databases by using SQL injection.","PeriodicalId":356190,"journal":{"name":"2014 International Conference on Computer, Communications, and Control Technology (I4CT)","volume":"14 6","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":"{\"title\":\"Secured web application using combination of Query Tokenization and Adaptive Method in preventing SQL Injection Attacks\",\"authors\":\"Noor Ashitah Abu Othman, Fakariah Hani Mohd Ali, Mashyum Binti Mohd Noh\",\"doi\":\"10.1109/I4CT.2014.6914229\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"SQL Injection Attacks (SQLIAs) become a major issue nowadays which open opportunities for unrestricted access to the database that underlie web applications. The purpose of this research is to develop a multi-level prevention techniques in order to cater the SQLIAs. The proposed prevention technique combines Query Tokenization and Adaptive Method that will be implemented on multiple platforms that using asp.net programming language. This technique was tested using 5 test cases to ensure it effectiveness. The outcome of this project is frameworks of prevention technique that can be used for other developer to make sure their web application being secured and avoid the hackers exploit the databases by using SQL injection.\",\"PeriodicalId\":356190,\"journal\":{\"name\":\"2014 International Conference on Computer, Communications, and Control Technology (I4CT)\",\"volume\":\"14 6\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-10-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"10\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 International Conference on Computer, Communications, and Control Technology (I4CT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/I4CT.2014.6914229\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 International Conference on Computer, Communications, and Control Technology (I4CT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/I4CT.2014.6914229","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 10

摘要

SQL注入攻击(sqlia)成为当今的一个主要问题，它为不受限制地访问web应用程序底层的数据库提供了机会。本研究的目的是发展多层次的预防技术，以满足sqlia。提出的预防技术结合了查询标记化和自适应方法，将在使用asp.net编程语言的多个平台上实现。使用5个测试用例对该技术进行了测试，以确保其有效性。这个项目的成果是预防技术框架，可以为其他开发人员使用，以确保他们的web应用程序是安全的，避免黑客利用SQL注入利用数据库。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Secured web application using combination of Query Tokenization and Adaptive Method in preventing SQL Injection Attacks

SQL Injection Attacks (SQLIAs) become a major issue nowadays which open opportunities for unrestricted access to the database that underlie web applications. The purpose of this research is to develop a multi-level prevention techniques in order to cater the SQLIAs. The proposed prevention technique combines Query Tokenization and Adaptive Method that will be implemented on multiple platforms that using asp.net programming language. This technique was tested using 5 test cases to ensure it effectiveness. The outcome of this project is frameworks of prevention technique that can be used for other developer to make sure their web application being secured and avoid the hackers exploit the databases by using SQL injection.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2014 International Conference on Computer, Communications, and Control Technology (I4CT)

自引率

0.00%

发文量