1. IR@NITK
  2. 1. Faculty Publications
  3. 2. Conference Papers
Please use this identifier to cite or link to this item: https://idr.nitk.ac.in/jspui/handle/123456789/7689
Full metadata record
DC FieldValueLanguage
dc.contributor.authorNarayanan, S.N.-
dc.contributor.authorPais, A.R.-
dc.contributor.authorMohandas, R.-
dc.date.accessioned2020-03-30T10:02:39Z-
dc.date.available2020-03-30T10:02:39Z-
dc.date.issued2011-
dc.identifier.citationCommunications in Computer and Information Science, 2011, Vol.157 CCIS, , pp.103-112en_US
dc.identifier.urihttp://idr.nitk.ac.in/jspui/handle/123456789/7689-
dc.description.abstractSQL injection vulnerability is a kind of injection vulnerability in which the database server is forced to execute some illicit operations by crafting specific inputs to the web server. Even though this vulnerability has had it's presence for several years now, most of its popular mitigation techniques are based on safe coding practices, which are neither applicable to the existing applications, nor are application independent. Here we propose a new application logic independent solution to prevent SQL injection attacks which can be applicable to any dynamic web technology. The new solution detects SQL injection by considering the semantic variance between the queries generated by the query function with safe inputs and injection inputs. We have implemented the complete solution in ASP.NET with C# web applications using a custom written tool, SIAP, which patches the SQL Injection vulnerabilities in an existing web application by instrumenting the binaries. � Springer-Verlag 2011.en_US
dc.titleDetection and prevention of SQL injection attacks using semantic equivalenceen_US
dc.typeBook chapteren_US
Appears in Collections:2. Conference Papers

Files in This Item:
File Description SizeFormat 
7689.pdf201.27 kBAdobe PDFThumbnail
View/Open
Show simple item record


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.