期刊名称:International Journal of Computer Science Issues
印刷版ISSN:1694-0784
电子版ISSN:1694-0814
出版年度:2012
卷号:9
期号:2
出版社:IJCSI Press
摘要:SQL injection is a type of attack which the attacker adds Structured Query Language code to a web form input box to gain access or make changes to data. SQL injection vulnerability allows an attacker to flow commands directly to a web application underlying database and destroy functionality or confidentiality. Researchers have proposed different tools to detect and prevent this vulnerability. In this paper we present all SQL injection attack types and also current tools which can detect or prevent these attacks. Finally we evaluate these tools.
关键词:SQL Injection Attack; web application security ;vulnerability; detection; prevention; evaluation
