Refine your search
Collections
Year
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z All
Umar, Kabir
- SQL Injection Attack Roadmap and Fusion
Abstract Views :204 |
PDF Views:0
Authors
Kabir Umar
1,
Abu Bakar Md Sultan
1,
Hazura Zulzalil
1,
Novia Admodisastro
1,
Mohd Taufik Abdullah
1
Affiliations
1 Faculty of Computer Science and Information Technology, Universiti Putra Malaysia, Serdang, Selangor, MY
1 Faculty of Computer Science and Information Technology, Universiti Putra Malaysia, Serdang, Selangor, MY
Source
Indian Journal of Science and Technology, Vol 9, No 28 (2016), Pagination:Abstract
With SQL Injection, an attacker can change the intended effect of dynamically generated query in a web Application. This can lead to unauthorized access to the database underlying web application, and harmful transactions on the potentially sensitive information contained in the database. Clear understanding of a problem always assists in finding stronger solution to the problem. In this paper, we conducted an extensive review of several empirical studies on SQL injection attacks and vulnerabilities, with the goal of providing the research community with better insight into possible relationship that exists between different types of SQL Injection Attacks (SQLIAs), and the types of vulnerabilities exploited by each. Consequently, the result of our study is presentation of SQLIAs fusion which shows how different types of SQLIAs lead to one another, and also presentation of step by step SQLIA roadmap. We are very optimistic that our study can help the research community with clearer understanding of SQL Injections, and thus facilitates emergence of stronger solutions to the long standing problem.Keywords
Attack Intents, Attack Mechanism, Inter-attacks Relationship, Vulnerabilities Exploitation, Web Applications.- Enhanced Pushdown Automaton based Static Analysis for Detection of SQL Injection Hotspots in Web Application
Abstract Views :205 |
PDF Views:0
Authors
Kabir Umar
1,
Abu Bakar Md Sultan
1,
Hazura Zulzalil
1,
Novia Admodisastro
1,
Mohd Taufik Abdullah
1
Affiliations
1 Faculty of Computer Science and Information Technology, Universiti Putra Malaysia, Serdang, Selangor, MY
1 Faculty of Computer Science and Information Technology, Universiti Putra Malaysia, Serdang, Selangor, MY