Title :
An Improved Eliminating SQL Injection Attacks Based Regular Expressions Matching
Author :
Wan Min ; Liu Kun
Author_Institution :
Nanchang Campus Inf. Center, Jiangxi Radio & Telev. Univ., Nanchang, China
Abstract :
Web applications have brought with them new classes of network security vulnerabilities, such as SQL Injection Attack. SQL Injection Attack is a class of attacks to which many Web-based systems are highly vulnerable, and there is no known fool-proof defense against such attacks. Static analysis is one of the techniques used in defense against SQL Injection. In this paper, we propose an improved technique that eliminates the need to modify the source code of application scripts. The improved Eliminating SQL Injection Attacks technique is based on regular expressions instead of the SQL Graph representation using SQL-FSM in static analysis.
Keywords :
Internet; SQL; graph theory; program diagnostics; security of data; string matching; SQL graph representation; SQL injection defense; SQL-FSM; Web application; Web-based system; application script; eliminating SQL injection attacks technique; fool-proof defense; network security vulnerability; regular expression matching; source code modification; static analysis; Authentication; Automata; Databases; Filtering; Runtime; Semantics; SQL Injection; regular expression; static analysis;
Conference_Title :
Control Engineering and Communication Technology (ICCECT), 2012 International Conference on
Conference_Location :
Liaoning
Print_ISBN :
978-1-4673-4499-9
DOI :
10.1109/ICCECT.2012.235