SCOPUS 정보 검색 플랫폼

7th International Conference on Information Technology and Application, ICITA 2011

Volumn , Issue , 2011, Pages 1-7

Web application protection against SQL injection attack

(4) Alazab, Ammar a Alazab, Moutaz a Abawajy, Jemal a Hobbs, Michael a

a DEAKIN UNIVERSITY (Australia)

Author keywords

Cybercrime; SQL Injection; SQLIA; Vulnerabilities; Web Application Security

Indexed keywords

CYBERCRIME; SQL INJECTION; SQLIA; VULNERABILITIES; WEB APPLICATION SECURITY;

COMPUTER CRIME; PERSONAL COMPUTING; WEBSITES;

INFORMATION TECHNOLOGY;

EID: 84868144659 PISSN: None EISSN: None Source Type: Conference Proceeding
DOI: None Document Type: Conference Paper

Times cited : (19)

References (20)

1
- 79953116991
- D. Parsons, Dynamic Web Application Development Using XML and Java: Cengage Learning EMEA, 2008.
- (2008) Dynamic Web Application Development Using XML and Java: Cengage Learning EMEA
- Parsons, D.¹

2
- 77949464016
- Candid: Dynamic candidate evaluations for automatic prevention of sql injection attacks
- P. Bisht, P. Madhusudan, and V. Venkatakrishnan, "CANDID: Dynamic candidate evaluations for automatic prevention of SQL injection attacks," ACM Transactions on Information and System Security vol. 13, pp. 1-39, 2010.
- (2010) ACM Transactions on Information and System Security , vol.13 , pp. 1-39
- Bisht, P.¹ Madhusudan, P.² Venkatakrishnan, V.³

3
- 78650825676
- Wasat-a new web authorization security analysis tool
- C. Torrano-Gimenez, A. Perez-Villegas, and G. Alvarez, "WASAT-A New Web Authorization Security Analysis Tool," Web Application Security, pp. 39-49, 2010.
- (2010) Web Application Security , pp. 39-49
- Torrano-Gimenez, C.¹ Perez-Villegas, A.² Alvarez, G.³

4
- 0031648127
- Accessing existing business data from the world wide web
- C. S. Peng, S. K. Chen, J. Y. Chung, A. Roy-Chowdhury, and V. Srinivasan, "Accessing existing business data from the World Wide Web," IBM Systems Journal, vol. 37, pp. 115-132, 2010.
- (2010) IBM Systems Journal , vol.37 , pp. 115-132
- Peng, C.S.¹ Chen, S.K.² Chung, J.Y.³ Roy-Chowdhury, A.⁴ Srinivasan, V.⁵

5
- 34547322724
- W. D. Yu, D. Aravind, and P. Supthaweesuk, "Software vulnerability analysis for web services software systems," 2006, pp. 740-748.
- (2006) Software Vulnerability Analysis for Web Services Software Systems , pp. 740-748
- Yu, W.D.¹ Aravind, D.² Supthaweesuk, P.³

6
- 84868135977
- Available
- K. J. Vella. (2007, 2011). Web Applications: What are they? What about them? Available: http://www.windowsecurity.com/articles/Web-Applications.html? printversion
- (2007) Web Applications: What Are They? What about Them?
- Vella, K.J.¹

7
- 34547379435
- W. G. J. Halfond, A. Orso, and P. Manolios, "Using positive tainting and syntax-aware evaluation to counter SQL injection attacks," 2006, pp. 175-185.
- (2006) Using Positive Tainting and Syntax-aware Evaluation to Counter SQL Injection Attacks , pp. 175-185
- Halfond, W.G.J.¹ Orso, A.² Manolios, P.³

8
- 33751027156
- Pixy: A static analysis tool for detecting web application vulnerabilities
- N. Jovanovic, C. Kruegel, and E. Kirda, "Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities," in IEEE Symposium on Security and Privacy, Oakland, CA, 2006, pp. 258-263.
- (2006) IEEE Symposium on Security and Privacy, Oakland, CA , pp. 258-263
- Jovanovic, N.¹ Kruegel, C.² Kirda, E.³

9
- 34247152137
- Preventing sql injection attacks using amnesia
- presented at the
- W. G. J. Halfond and A. Orso, "Preventing SQL injection attacks using AMNESIA," presented at the Proceedings of the 28th international conference on Software engineering, Shanghai, China, 2006.
- (2006) Proceedings of the 28th International Conference on Software Engineering, Shanghai, China
- Halfond, W.G.J.¹ Orso, A.²

10
- 84868157770
- An approach to detect and prevent sql injection attacks in database using web service
- IndraniBalasundaram and Ramaraj, "An Approach to Detect and Prevent SQL Injection Attacks in Database Using Web Service," International Journal of Computer Science and Network Security, vol. 11, pp. 197-205, 2011.
- (2011) International Journal of Computer Science and Network Security , vol.11 , pp. 197-205
- Balasundaram, I.¹ Ramaraj²

11
- 33745203758
- Finding application errors and security flaws using pql: A program query language
- M. Martin, B. Livshits, and M. S. Lam, "Finding application errors and security flaws using PQL: a program query language," ACM SIGPLAN Notices, vol. 40, pp. 365-383, 2005.
- (2005) ACM SIGPLAN Notices , vol.40 , pp. 365-383
- Martin, M.¹ Livshits, B.² Lam, M.S.³

12
- 19944365247
- Securing web application code by static analysis and runtime protection
- presented at the, New York, NY, USA
- Y.-W. Huang, F. Yu, C. Hang, C.-H. Tsai, D.-T. Lee, and S.-Y. Kuo, "Securing web application code by static analysis and runtime protection," presented at the Proceedings of the 13th international conference on World Wide Web, New York, NY, USA, 2004.
- (2004) Proceedings of the 13th International Conference on World Wide Web
- Huang, Y.-W.¹ Yu, F.² Hang, C.³ Tsai, C.-H.⁴ Lee, D.-T.⁵ Kuo, S.-Y.⁶

13
- 4544287108
- 2004
- C. Gould, Z. Su, and P. Devanbu, "JDBC checker: A static analysis tool for SQL/JDBC applications," 2004, pp. 697-698.
- JDBC Checker: A Static Analysis Tool for SQL/JDBC Applications , pp. 697-698
- Gould, C.¹ Su, Z.² Devanbu, P.³

14
- 33244471315
- R. A. McClure and I. H. Krüger, "SQL DOM: compile time checking of dynamic SQL statements," 2005, pp. 88-96.
- (2005) SQL DOM: Compile Time Checking of Dynamic SQL Statements , pp. 88-96
- McClure, R.A.¹ Krüger, I.H.²

15
- 84871349041
- Automatically hardening web applications using precise tainting
- A. Nguyen-Tuong, S. Guarnieri, D. Greene, J. Shirley, and D. Evans, "Automatically hardening web applications using precise tainting," Security and Privacy in the Age of Ubiquitous Computing, pp. 295-307, 2005.
- (2005) Security and Privacy in the Age of Ubiquitous Computing , pp. 295-307
- Nguyen-Tuong, A.¹ Guarnieri, S.² Greene, D.³ Shirley, J.⁴ Evans, D.⁵

16
- 49949109144
- S. Bandhakavi, P. Bisht, P. Madhusudan, and V. Venkatakrishnan, "CANDID: preventing sql injection attacks using dynamic candidate evaluations," 2007, pp. 12-24.
- (2007) CANDID: Preventing Sql Injection Attacks Using Dynamic Candidate Evaluations , pp. 12-24
- Bandhakavi, S.¹ Bisht, P.² Madhusudan, P.³ Venkatakrishnan, V.⁴

17
- 84857951368
- An approach to detection of sql injection vulnerabilities based on dynamic query matching
- D. Das, U. Sharma, and D. Bhattacharyya, "An Approach to Detection of SQL Injection Vulnerabilities Based on Dynamic Query Matching," International Journal of Computer Applications, vol. 1, pp. 39-45, 2010.
- (2010) International Journal of Computer Applications , vol.1 , pp. 39-45
- Das, D.¹ Sharma, U.² Bhattacharyya, D.³

18
- 78649888272
- Towards understanding malware behaviour by the extraction of api calls
- M. Alazab, S. Venkataraman, and P. Watters, "Towards Understanding Malware Behaviour by the Extraction of API Calls," in Second Cybercrime and Trustworthy Computing Workshop, Ballarat, VIC, 2010, pp. 52-59.
- (2010) Second Cybercrime and Trustworthy Computing Workshop, Ballarat, VIC , pp. 52-59
- Alazab, M.¹ Venkataraman, S.² Watters, P.³

19
- 84868135965
- Cybercrime: The case of obuscated malware
- M. Alazab, S. Ventatraman, P. Watters, M. Alazab, and A. Alazab, "Cybercrime: The Case of Obuscated Malware," in 7th International Conference on Global Security, Safety & Sustainability, Thessaloniki, Greece, 2011.
- (2011) 7th International Conference on Global Security, Safety & Sustainability, Thessaloniki, Greece
- Alazab, M.¹ Ventatraman, S.² Watters, P.³ Alazab, M.⁴ Alazab, A.⁵

20
- 70350750399
- Advanced sql injection in sql server applications
- C. Anley, "Advanced SQL Injection In SQL Server Applications," An NGSSoftware Insight Security Research (NISR) Publication, Next Generation Security Software Ltd, 2002.
- (2002) An NGSSoftware Insight Security Research (NISR) Publication, Next Generation Security Software Ltd
- Anley, C.¹

* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.