Asian Journal of Information Technology
Year:
2016
Volume:
15
Issue:
22
Page No.
4445 - 4449
Automatic Prevention of Union Query Type SQL Injection Attack Using Private Synonym and Error Message Controller
Authors :
N. Gunaseeli
and
D. Jeya Mala
References
Buehrer, G., B.W. Weide and P.A.G. Sivilotti, 2005. Using parse tree validation to prevent SQL injection attacks. Proceedings of the 5th International Workshop on Software Engineering and Middleware, September 5-6, 2005, Lisbon, Portugal, pp: 106-113.
Dharam, R. and S.G. Shiva, 2012. Runtime monitors for tautology based SQL injection attacks. Proceedings of the 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), June 26-28, 2012, IEEE, Tennessee, USA, ISBN: 978-1-4673-1425-1, pp: 253-258.
Halfond, W.G.J., A. Orso and P. Manolios, 2008. WASP: Protecting web applications using positive tainting and syntax-aware evaluation. IEEE Trans. Software Eng., 34: 65-81.
CrossRef | Kemalis, K. and T. Tzouramanis, 2008. SQL-IDS: A specification-based approach for SQL-injection detection. Proceedings of the 2008 ACM Symposium on Applied Computing, March 16-20, 2008, Fortaleza, Ceara, Brazil, pp: 2153-2158.
Patel, N., F. Mohammed and S. Soni, 2011. SQL injection attacks: Techniques and protection mechanisms. Int. J. Comput. Sci. Eng., 3: 199-203.
Direct Link | Sun, S.T., T.H. Wei, S. Liu and S. Lau, 2007. Classification of SQL Injection Attacks. University of British Columbia, Vancouver, British Columbia,.