• DocumentCode
    2989325
  • Title

    An Improved Eliminating SQL Injection Attacks Based Regular Expressions Matching

  • Author

    Wan Min ; Liu Kun

  • Author_Institution
    Nanchang Campus Inf. Center, Jiangxi Radio & Telev. Univ., Nanchang, China
  • fYear
    2012
  • fDate
    7-9 Dec. 2012
  • Firstpage
    210
  • Lastpage
    212
  • Abstract
    Web applications have brought with them new classes of network security vulnerabilities, such as SQL Injection Attack. SQL Injection Attack is a class of attacks that many of the Web-based systems are highly vulnerable to, and there is no know fool-proof defense against such attacks. Static analysis is one of the techniques in defense of SQL Injection. In this paper, we propose an improved technique eliminates the need to modify source code of application scripts. The improved Eliminating SQL Injection Attacks technique bases the regular expressions instead of using SQL Graph representation using SQL-FSM in static analysis.
  • Keywords
    Internet; SQL; graph theory; program diagnostics; security of data; string matching; SQL graph representation; SQL injection defense; SQL-FSM; Web application; Web-based system; application script; eliminating SQL injection attacks technique; fool-proof defense; network security vulnerability; regular expression matching; source code modification; static analysis; Authentication; Automata; Databases; Filtering; Runtime; Semantics; SQL Injectiont; regular expression; static analysis;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Control Engineering and Communication Technology (ICCECT), 2012 International Conference on
  • Conference_Location
    Liaoning
  • Print_ISBN
    978-1-4673-4499-9
  • Type

    conf

  • DOI
    10.1109/ICCECT.2012.235
  • Filename
    6414118
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2989325