期刊名称:International Journal of Advanced Research in Computer Engineering & Technology (IJARCET)
印刷版ISSN:2278-1323
出版年度:2012
卷号:1
期号:8
页码:46-52
出版社:Shri Pannalal Research Institute of Technolgy
摘要:SQL injection is a hazard to web applications, which gives attackers unrestricted access to the database. The attacker thereby can supply malicious or corrupted input that compromises an application. This leads to destruction of the security and the privacy of the users. To avoid this scenario, combinatorial approach is used for protecting Web application against SQL injection. Novel methods of protecting the web applications against the SQL injection are available such as positive tainting, signature based etc. Here Web Application SQL-injection Preventer (WASP) tool is used to prevent the SQL injection. Further the WASP tool is modified by implementing the proposed approach which is an enhancement to this tool.
关键词:Positive Tainting; Character Level Tainting; ; Syntax Aware Evaluation
