文章基本信息

标题：REVIEW OF THE DEFENSIVE APPROACHES FOR STRUCTURED QUERY LANGUAGE INJECTION ATTACKS AND THEIR COUNTERMEASURES
本地全文：下载
作者：NABEEL SALIH ALI ; ABDUL SAMAD SHIBGHATULLAH ; MUNQATH H. AlATTAR 等
期刊名称：Journal of Theoretical and Applied Information Technology
印刷版ISSN：1992-8645
电子版ISSN：1817-3195
出版年度：2015
卷号：76
期号：2
出版社：Journal of Theoretical and Applied
摘要：Recently, Web applications have been used for most of the activities in animation. These applications are affected by the structured query language injection (SQLI). In this paper, four major objectives can be organized to direct the work study are: � Conduct a detailed review of various SQLI attacks and investigation of previous approaches that detected and prevented these attacks in Web applications. � Compare the performance metrics of the different techniques to evaluate the precision of the results and the cost of the time required to identify the efficiency of the techniques. � Evaluate the effectiveness of the techniques in practices based on the effectiveness metrics. � Define the efficiency and effectiveness direction of defensive approaches. The main contributions of this work are: � Summary and analysis of a critical review (strengths and weaknesses) of the defensive approaches that have been implemented. � Comparison of the result accuracy of the different approaches through an evaluation using the standard performance metrics. � Evaluation of the effectiveness of the techniques in practice. � Identification and focus on the critical and important lines or defensive techniques that need comprehensive studies by future researchers through which the advantages of high efficiency and effectiveness can be obtained.
关键词：SQL; Injection; Detection; Prevention; Approaches. Techniques.