| Title | Research on SQL Injection Attack and Prevention Technology Based on Web |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Ma, Limei, Zhao, Dongmei, Gao, Yijun, Zhao, Chen |
| Conference Name | 2019 International Conference on Computer Network, Electronic and Automation (ICCNEA) |
| Date Published | sep |
| Keywords | application security risks, B/S mode application development, Collaboration, component, data protection, database management systems, database query code, database security attack, database security protection technology, Databases, Human Behavior, Information filters, Injection attack, Metrics, policy-based governance, Prevention Technology, privacy, pubcrawl, query processing, resilience, Resiliency, security of data, Servers, SQL, SQL detection, SQL Injection, SQL injection attack, Structured Query Language, user input data legitimacy, web |
| Abstract | This SQL injection attack is one of the common means for hackers to attack database. With the development of B/S mode application development, more and more programmers use this mode to write applications. However, due to the uneven level and experience of programmers, a considerable number of programmers do not judge the legitimacy of user input data when writing code, which makes the application security risks. Users can submit a database query code and get some data they want to know according to the results of the program. SQL injection attack belongs to one of the means of database security attack. It can be effectively protected by database security protection technology. This paper introduces the principle of SQL injection, the main form of SQL injection attack, the types of injection attack, and how to prevent SQL injection. Discussed and illustrated with examples. |
| DOI | 10.1109/ICCNEA.2019.00042 |
| Citation Key | ma_research_2019 |
Research on SQL Injection Attack and Prevention Technology Based on Web