DocumentCode :
3015202
Title :
SQLStor: Blockage of stored procedure SQL injection attack using dynamic query structure validation
Author :
Mamadhan, S. ; Manesh, T. ; Paul, Varghese
Author_Institution :
Dept. of CS, Adi Shankara Inst. of Eng. & Technol., Kalady, India
fYear :
2012
fDate :
27-29 Nov. 2012
Firstpage :
240
Lastpage :
245
Abstract :
Web applications are becoming an important part of our daily life. So attacks against them also increases rapidly. Of these attacks, a major role is held by SQL injection attacks (SQLIA). This paper proposes a new method for preventing SQL injection attacks in JSP web applications. The basic idea is to check before execution, the intended structure of the SQL query. For this we use semantic comparison. This method prevents different kinds of injection attacks including stored procedure attack which is more difficult and less considered in the literature.
Keywords :
Internet; SQL; security of data; JSP Web applications; SQL query; SQLIA; SQLStor; dynamic query structure validation; stored procedure SQL injection attack blockage; Databases; Electronic mail; Intelligent systems; Reactive power; Semantics; Servers; Syntactics; Arraylist; Parse Tree; SQL injection; Semantics; Web application;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Intelligent Systems Design and Applications (ISDA), 2012 12th International Conference on
Conference_Location :
Kochi
ISSN :
2164-7143
Print_ISBN :
978-1-4673-5117-1
Type :
conf
DOI :
10.1109/ISDA.2012.6416544
Filename :
6416544
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3015202
بازگشت