Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
WSE
2006
IEEE
2006
IEEE
Eliminating SQL Injection Attacks - A Transparent Defense Mechanism
The widespread adoption of web services as an instant means of information dissemination and various other transactions, has essentially made them a key component of today’s Internet infrastructure. Web-based systems comprise both of infrastructure components and of applicationspecific code. Various organizations have started extensively deploying Intrusion Detection/Prevention Systems and Firewalls as a means of securing their vital installations. However, very little emphasis is laid on securing the applications that run on these systems, apart from frequent updates and patching. SQL-Injection Attacks are a class of attacks that many of these systems are highly vulnerable to, and there is no known fool-proof defense against such attacks. In this paper, we propose a technique, which combines static application code analysis with runtime validation to detect the occurrence of such attacks. The deployment of this technique eliminates the need to modify source code of application scr...
Real-time TrafficInternet Technology | Intrusion Detection/Prevention Systems | SQL-Injection Attacks | Today’s Internet Infrastructure | WSE 2006 |
| Added | 12 Jun 2010 |
| Updated | 12 Jun 2010 |
| Type | Conference |
| Year | 2006 |
| Where | WSE |
| Authors | Muthusrinivasan Muthuprasanna, Ke Wei, Suraj Kothari |
Comments (0)
Researcher Info
|
