International Journal of Soft Computing
Year:
2016
Volume:
11
Issue:
1
Page No.
26 - 35
References
Al-Khashab, E., F.S. Al-Anzi and A.A. Salman, 2011. PSIAQOP: Preventing SQL injection attacks based on query optimization process. Proceedings of the 2nd Kuwait Conference on E-Services and E-Systems, April 5-7, 2011, Kuwait, USA -.
Amirtahmasebi, K., S.R. Jalalinia and S. Khadem, 2009. A survey of SQL injection defense mechanisms. Proceedings of the International Conference for Internet Technology and Secured Transactions, November 9-12, 2009, London, pp: 1-8.
Balasundaram, I. and E. Ramaraj, 2012. An efficient technique for detection and prevention of SQL injection attack using ASCII based string matching. Procedia Eng., 30: 183-190.
CrossRef | Direct Link | Bisht, P., P. Madhusudan and V.N. Venkatakrishnan, 2010. Candid: Dynamic candidate evaluations for automatic prevention of SQL injection attacks. ACM Trans. Inf. Syst. Security, 5: 1-39.
CrossRef | Direct Link | Buehrer, G., B.W. Weide and P.A.G. Sivilotti, 2005. Using parse tree validation to prevent SQL injection attacks. Proceedings of the 5th International Workshop on Software Engineering and Middleware, September 5-6, 2005, Lisbon, Portugal, pp: 106-113.
Cova, M., D. Balzarotti, V. Felmetsger and G. Vigna, 2007. Swaddler: An approach for the anomaly-based detection of state violations in web applications. Proceedings of the 10th International Symposium on Recent Advances in Intrusion Detection, September 5-7, 2007, Gold Goast, Australia, pp: 63-86.
Ezumalai, R. and G. Aghila, 2009. Combinatorial approach for preventing SQL injection attacks. Proceedings of the International Advance Computing Conference, March 6-7, 2009, Patiala, India, pp: 1212-1217.
Fu, X. and K. Qian, 2008. SAFELI: SQL injection scanner using symbolic execution. Proceedings of the Workshop on Testing, Analysis and Verification of Web Services and Applications, July 20-24, 2008, Seattle, WA., USA., pp: 34-39.
Grazie, P., 2008. SQL prevent. Ph.D. Thesis, University of British Columbia, Vancouver, Canada.
Halder, R. and A. Cortesi, 2010. Obfuscation-based analysis of SQL injection attacks. Proceedings of the IEEE Symposium on Computers and Communications, June 22-25, 2010, Riccione, Italy, pp: 931-938.
Halfond, W.G.J. and A. Orso, 2006. Preventing SQL injection attacks using AMNESIA. Proceedings of the 28th International Conference on Software Engineering, May 20-28, 2006, Shanghai China, pp: 795-798.
Halfond, W.G.J., A. Orso and P. Manolios, 2006. Using positive tainting and syntax-aware evaluation to counter SQL injection attacks. Proceedings of the 14th ACM Sigsoft International Symposium on Foundations of Software Engineering, November 5-11, 2006, Portland, OR, USA., pp: 175-185.
Halfond, W.G.J., J. Viegas and A. Orso, 2006. A classification of SQL injection attacks and countermeasures. Proceedings of the International Symposium on Secure Software Engineering, March 2006, New York, USA -.
Indrani, B. and E. Ramaraj, 2011. X-Log authentication technique to prevent SQL injection attacks. Int. J. Inform. Technol. Knowledge Manage., 4: 323-328.
Direct Link | Jiao, G., C.M. Xu and J. Maohua, 2012. SQLIMW: A new mechanism against SQL-injection. Proceedings of the International Conference on Computer Science and Service System, August 11-13, 2012, Nanjing, pp: 1178-1180.
Johari, R. and P. Sharma, 2012. A survey on web application vulnerabilities (SQLIA, XSS) exploitation and security engine for SQL injection. Proceedings of the International Conference on Communication Systems and Network Technologies, May 11-13, 2012, Rajkot, pp: 453-458.
Kemalis, K. and T. Tzouramanis, 2008. SQL-IDS: A specification-based approach for SQL-injection detection. Proceedings of the 2008 ACM Symposium on Applied Computing, March 16-20, 2008, Fortaleza, Ceara, Brazil, pp: 2153-2158.
Kindy, D.A. and A.S.K. Pathan, 2011. A survey on SQL injection: Vulnerabilities, attacks and prevention techniques. Proceedings of the IEEE 15th International Symposium on Consumer Electronics, June 14-17, 2011, Singapore, pp: 468-471.
Kitchenham, B., O.P Brereton, D. Budgen, M. Turner, J. Bailey and S. Linkman, 2009. Systematic literature reviews in software engineering-A systematic literature review. Inform. Software Technol., 51: 7-15.
CrossRef | Kumar, P. and R.K. Pateriya, 2012. A survey on SQL injection attacks, detection and prevention techniques. Proceedings of the 3rd International Conference Computing Communication and Networking Technologies, July 26-28, 2012, Coimbatore, India, pp: 1-5.
Liu, A., Y. Yuan, D. Wijesekera and A. Stavrou, 2009. SQLProb: A proxy-based architecture towards preventing SQL injection attacks. Proceedings of the ACM Symposium on Applied Computing, March 8-12, 2009, Honolulu, HI., USA., pp: 2054-2061.
Natarajan, K., and S. Subramani, 2012. Generation of SQL-injection free secure algorithm to detect and prevent SQL-injection attacks. Procedia Technol., 4: 790-796.
CrossRef | Direct Link | Rahul, S., J. Bhattacharyji and R. Soni, 2012. SQL injection attacks in database using web service: Detection and prevention. Asian J. Comput. Sci. Inform. Technol., 2-6: 162-165.
Su, Z. and G. Wassermann, 2006. The essence of command injection attacks in web applications. Proceedings of the 33rd ACM Symposium on Principles of Programming Languages, January 11-13, 2006, Charleston, South Carolina, USA., pp: 372-382.
Suguna, R., T. Kujani, N. Suganya and C. Krishnaveni, 2014. Hunting pernicious attacks in web applications with XProber. Am. J. Applied Sci., 11: 1164-1171.
Direct Link | Tajpour, A., M. Massrum and M.Z. Heydari, 2010. Comparison of SQL injection detection and prevention techniques. Proceeding of the 2nd International Conference Education Technology and Computer, June 22-24, 2010, Shanghai, pp: 174-179.
Tajpour, A., S. Ibrahim and M. Masrom, 2011. SQL injection detection and prevention techniques. Int. J. Adv. Comput. Technol., 3: 82-91.
Direct Link | Tajpour, A., Z. JorJor and M. Shooshtari, 2010. Evaluation of SQL injection detection and prevention techniques. Proceeding of the 2nd International Conference Computational Intelligence, Communication Systems and Networks, July 28-30, 2010, Liverpool, pp: 216-221.
Wassermann, G. and Z. Su, 2004. An analysis framework for security in web applications. Proceedings of the FSE Workshop on Specification and Verification of Component-Based Systems, October 2004, Atlanta, GA., pp: 70-78.