Journal: electronic Journal of Computer Science and Information Technology
Publication year: 2011
Volume: 3
Issue: 1
Language: English
Publisher: College of Information Technology, Universiti Tenaga Nasional
Abstract: SQL Injection attacks are one of the gravest threats for web applications. In this paper, we propose coalesce techniques to mitigate SQL injection attacks and focus on the research of the attack protection module. These techniques are based on a filter, cryptographic hash-function, linear probing technique, customized error message and POST method. The filter is used to detect malformed SQL queries whereas the hash function is used to match hash values of usernames and passwords against stored hash values. A linear probing technique is used to address the data collision and debug error message problems because it is able to stop the reconnaissance progress of threat agents.