DocumentCode :
3077425
Title :
Preventing SQL injection attacks using negative tainting approach
Author :
Gadgikar, A.S.
Author_Institution :
Dept. of Comput. Eng., D.Y. Patil Coll. of Eng., Pune, India
fYear :
2013
fDate :
26-28 Dec. 2013
Firstpage :
1
Lastpage :
5
Abstract :
One of the major issues of web application security is SQL injection attacks, which gives attackers an unrestricted access to the database. Preventing SQL Injection attacks using negative tainting approach is an idea of incorporating the uniqueness of negative tainting with linked list structure. As most of the tools available today concentrates on positive tainting technique, less work has been done on negative tainting. So this approach has been chosen and it provides good response time for application programs where large databases are used. This system is able to stop most of the known successful attacks except stored procedures and character encoding attacks and generates very less (negligible) false positives.
Keywords :
SQL; security of data; SQL injection attack; Web application security; negative tainting approach; positive tainting; Computational intelligence; Conferences; Data mining; Databases; Runtime; Security; Servers; SQL Injection; negative tainting; positive tainting;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computational Intelligence and Computing Research (ICCIC), 2013 IEEE International Conference on
Conference_Location :
Enathi
Print_ISBN :
978-1-4799-1594-1
Type :
conf
DOI :
10.1109/ICCIC.2013.6724140
Filename :
6724140
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3077425
بازگشت