DocumentCode :
2989325
Title :
An Improved Eliminating SQL Injection Attacks Based Regular Expressions Matching
Author :
Wan Min ; Liu Kun
Author_Institution :
Nanchang Campus Inf. Center, Jiangxi Radio & Telev. Univ., Nanchang, China
fYear :
2012
fDate :
7-9 Dec. 2012
Firstpage :
210
Lastpage :
212
Abstract :
Web applications have brought with them new classes of network security vulnerabilities, such as SQL Injection Attack. SQL Injection Attack is a class of attacks that many of the Web-based systems are highly vulnerable to, and there is no know fool-proof defense against such attacks. Static analysis is one of the techniques in defense of SQL Injection. In this paper, we propose an improved technique eliminates the need to modify source code of application scripts. The improved Eliminating SQL Injection Attacks technique bases the regular expressions instead of using SQL Graph representation using SQL-FSM in static analysis.
Keywords :
Internet; SQL; graph theory; program diagnostics; security of data; string matching; SQL graph representation; SQL injection defense; SQL-FSM; Web application; Web-based system; application script; eliminating SQL injection attacks technique; fool-proof defense; network security vulnerability; regular expression matching; source code modification; static analysis; Authentication; Automata; Databases; Filtering; Runtime; Semantics; SQL Injectiont; regular expression; static analysis;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Control Engineering and Communication Technology (ICCECT), 2012 International Conference on
Conference_Location :
Liaoning
Print_ISBN :
978-1-4673-4499-9
Type :
conf
DOI :
10.1109/ICCECT.2012.235
Filename :
6414118
Link To Document :
بازگشت