2017
DOI: 10.1155/2017/3825373
|View full text |Cite
|
Sign up to set email alerts
|

Neutralizing SQL Injection Attack Using Server Side Code Modification in Web Applications

Abstract: Reports on web application security risks show that SQL injection is the top most vulnerability. The journey of static to dynamic web pages leads to the use of database in web applications. Due to the lack of secure coding techniques, SQL injection vulnerability prevails in a large set of web applications. A successful SQL injection attack imposes a serious threat to the database, web application, and the entire web server. In this article, the authors have proposed a novel method for prevention of SQL injecti… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
11
0
1

Year Published

2019
2019
2022
2022

Publication Types

Select...
5
4

Relationship

0
9

Authors

Journals

citations
Cited by 20 publications
(13 citation statements)
references
References 26 publications
0
11
0
1
Order By: Relevance
“…According to [6] there are different types of SQL injection attack as presented in many studies. These attack types have been named based on the technique implemented to exploit the injection vulnerability as listed below:…”
Section: Methodsmentioning
confidence: 99%
See 1 more Smart Citation
“…According to [6] there are different types of SQL injection attack as presented in many studies. These attack types have been named based on the technique implemented to exploit the injection vulnerability as listed below:…”
Section: Methodsmentioning
confidence: 99%
“…Most of the time, the query that is passed to the database server for execution contains user-supplied parameters. The input parameters provided by the user may or may not be trustworthy [6]. It is obvious that the query processor will execute the query and return the result to the user without considering about its type.…”
mentioning
confidence: 99%
“…Seperti yang telah dilakukan oleh peneliti sebelumnya guna mengatasi permasalahan serangan ini. Seperti halnya yang telah dilakukan oleh Asish Kumar Dalai, dkk (2017), menggunakan metode server side code modification untuk mencegah serangan SQL injection [10]. Metode ini bekerja dengan cara memblokir query inputan jika berdasarkan perbandingan dengan query asli menimbulkan hasil yang berbeda.…”
Section: Pendahuluanunclassified
“…Then, a logical framework was introduced [12] to evaluate the complex subqueries using SQL. But here also the performance did not improve while processing the complex subqueries in distributed environments.…”
Section: Related Workmentioning
confidence: 99%