A survey of SQL injection defense mechanisms
Paper in proceeding, 2009

SQL Injection Attack (SQLIA) is a prevalent method which makes it possible for the attackers to gain direct access to the database and culminates in extracting sensitive information from the firm's database. In this survey, we have presented and analyzed six different SQL Injection prevention techniques which can be used for securing the data storage over the Internet. The survey starts by presenting Variable Normalization and will continue with AMNESIA, Prepared statements, SQL DOM, SQLrand and SQLIA prevention in stored procedures respectively.

Author

Kasra Amirtahmasebi

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Seyed Reza Jalalinia

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Saghar Khadem

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

International Conference for Internet Technology and Secured Transactions, ICITST 2009; London; United Kingdom; 9 November 2009 through 12 November 2009

5402604
978-142445648-2 (ISBN)

Subject Categories

Computer and Information Science

DOI

10.1109/icitst.2009.5402604

ISBN

978-142445648-2

More information

Latest update

3/2/2022 6