Search results for "sql injection"

Hits ?▲	Authors	Title	Venue	Year	Link	Author keywords
3	Anyi Liu, Yi Yuan, Duminda Wijesekera, Angelos Stavrou	SQLProb: a proxy-based architecture towards preventing SQL injection attacks.	SAC	2009	DBLP DOI BibTeX RDF	intrusion detection, information security, intrusion prevention, SQL injection attack
3	Xiang Fu, Kai Qian	SAFELI: SQL injection scanner using symbolic execution.	TAV-WEB	2008	DBLP DOI BibTeX RDF	symbolic execution, automated testing, constraint solver, SQL injection attack
3	Konstantinos Kemalis, Theodores Tzouramanis	SQL-IDS: a specification-based approach for SQL-injection detection.	SAC	2008	DBLP DOI BibTeX RDF	specification-based runtime validation, world-wide web, database security, web application security, SQL injection attacks
3	Mehdi Kiani, Andrew Clark, George M. Mohay	Evaluation of Anomaly Based Character Distribution Models in the Detection of SQL Injection Attacks.	ARES	2008	DBLP DOI BibTeX RDF	Anomaly Based Intrusion Detection System, SQL injection
3	Sruthi Bandhakavi, Prithvi Bisht, P. Madhusudan, V. N. Venkatakrishnan	CANDID: preventing sql injection attacks using dynamic candidate evaluations.	ACM Conference on Computer and Communications Security	2007	DBLP DOI BibTeX RDF	dynamic monitoring, retrofitting code, sql injection attacks, symbolic evaluation
3	Frank S. Rietta	Application layer intrusion detection for SQL injection.	ACM Southeast Regional Conference	2006	DBLP DOI BibTeX RDF	anomaly detection, database security, SQL injection
3	Jae-Chul Park, Bong-Nam Noh	SQL Injection Attack Detection: Profiling of Web Application Parameter Using the Sequence Pairwise Alignment.	WISA	2006	DBLP DOI BibTeX RDF	Web Application Parameter, Web Application Security, SQL Injection Attack, Pairwise Sequence Alignment
3	William G. J. Halfond, Alessandro Orso	Preventing SQL injection attacks using AMNESIA.	ICSE	2006	DBLP DOI BibTeX RDF	static analysis, runtime monitoring, SQL injection
3	William G. J. Halfond, Alessandro Orso, Panagiotis Manolios	Using positive tainting and syntax-aware evaluation to counter SQL injection attacks.	SIGSOFT FSE	2006	DBLP DOI BibTeX RDF	runtime monitoring, SQL injection, dynamic tainting
3	William G. J. Halfond, Alessandro Orso	AMNESIA: analysis and monitoring for NEutralizing SQL-injection attacks.	ASE	2005	DBLP DOI BibTeX RDF	static analysis, runtime monitoring, SQL injection
2	Atefeh Tajpour, Mohammad JorJor Zadeh Shooshtari	Evaluation of SQL Injection Detection and Prevention Techniques.	CICSyN	2010	DBLP DOI BibTeX RDF	evaluation, detection, technique, SQL Injection Attacks, prevention
2	Michelle Ruse, Tanmoy Sarkar, Samik Basu	Analysis & Detection of SQL Injection Vulnerabilities via Automatic Test Case Generation of Programs.	SAINT	2010	DBLP DOI BibTeX RDF	Program Verification, Assertion, Decision Diagrams, Test cases, SQL injection
2	Mei Junjin	An Approach for SQL Injection Vulnerability Detection.	ITNG	2009	DBLP DOI BibTeX RDF	runtime detection, input filtering, static analysis, automatic testing, SQL Injection attacks
2	Supriya Madan	Shielding against SQL Injection Attacks Using ADMIRE Model.	CICSyN	2009	DBLP DOI BibTeX RDF	Security, Web Application, Vulnerability, SQL Injection, Threat modeling
2	Adam Kiezun, Philip J. Guo, Karthick Jayaraman, Michael D. Ernst	Automatic creation of SQL Injection and cross-site scripting attacks.	ICSE	2009	DBLP DOI BibTeX RDF
2	Orlando Karam, Svetlana Peltsverger	Teaching with security in mind.	ACM Southeast Regional Conference	2009	DBLP DOI BibTeX RDF	computer security, web development, SQL injection, SQL injection attacks
2	Alexander Yip, Xi Wang, Nickolai Zeldovich, M. Frans Kaashoek	Improving application security with data flow assertions.	SOSP	2009	DBLP DOI BibTeX RDF	xss, security, privacy, web, python, php, sql injection
2	Nuno Laranjeiro, Marco Vieira, Henrique Madeira	Protecting Database Centric Web Services against SQL/XPath Injection Attacks.	DEXA	2009	DBLP DOI BibTeX RDF	XPath Injection, Web services, vulnerabilities, SQL Injection, code instrumentation, security attacks
2	Hossain Shahriar, Mohammad Zulkernine	MUSIC: Mutation-based SQL Injection Vulnerability Checking.	QSIC	2008	DBLP DOI BibTeX RDF
2	Fred Dysart, Mark Sherriff	Automated Fix Generator for SQL Injection Attacks.	ISSRE	2008	DBLP DOI BibTeX RDF
2	Ben H. Smith, Yonghee Shin, Laurie Williams	Proposing SQL statement coverage metrics.	SESS	2008	DBLP DOI BibTeX RDF	security, test, SQL, attack, SQL injection, coverage criteria, threat
2	Monica S. Lam, Michael C. Martin, V. Benjamin Livshits, John Whaley	Securing web applications with static and dynamic information flow tracking.	PEPM	2008	DBLP DOI BibTeX RDF	model checking, static analysis, web applications, pattern matching, dynamic analysis, SQL injection, cross-site scripting
2	José Fonseca, Marco Vieira, Henrique Madeira	Online detection of malicious data access using DBMS auditing.	SAC	2008	DBLP DOI BibTeX RDF	DBMS auditing, intrusion detection, SQL injection
2	Cristian Pinzón, Yanira de Paz, Javier Bajo	A Multiagent Based Strategy for Detecting Attacks in Databases in a Distributed Mode.	DCAI	2008	DBLP DOI BibTeX RDF	Security database, Multi-agent, IDS, case-based reasoning, SQL injection
2	Cristian Pinzón, Yanira de Paz, Rosa Cano	Classification Agent-Based Techniques for Detecting Intrusions in Databases.	HAIS	2008	DBLP DOI BibTeX RDF	neural networks, multiagent systems, case-based reasoning, SQL injection
2	José Fonseca, Marco Vieira, Henrique Madeira	Testing and Comparing Web Vulnerability Scanning Tools for SQL Injection and XSS Attacks.	PRDC	2007	DBLP DOI BibTeX RDF
2	Elisa Bertino, Ashish Kamra, James P. Early	Profiling Database Application to Detect SQL Injection Attacks.	IPCCC	2007	DBLP DOI BibTeX RDF
2	Xiang Fu, Xin Lu, Boris Peltsverger, Shijun Chen, Kai Qian, Lixin Tao	A Static Analysis Framework For Detecting SQL Injection Vulnerabilities.	COMPSAC	2007	DBLP DOI BibTeX RDF
2	Yuji Kosuga, Kenji Kono, Miyuki Hanaoka, Miho Hishiyama, Yu Takahama	Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Injection.	ACSAC	2007	DBLP DOI BibTeX RDF
2	Ettore Merlo, Dominic Letarte, Giuliano Antoniol	Automated Protection of PHP Applications Against SQL-injection Attacks.	CSMR	2007	DBLP DOI BibTeX RDF
2	Ke Wei, Muthusrinivasan Muthuprasanna, Suraj Kothari	Preventing SQL Injection Attacks in Stored Procedures.	ASWEC	2006	DBLP DOI BibTeX RDF
2	Ettore Merlo, Dominic Letarte, Giuliano Antoniol	Insider and Ousider Threat-Sensitive SQL Injection Vulnerability Analysis in PHP.	WCRE	2006	DBLP DOI BibTeX RDF
2	Muthusrinivasan Muthuprasanna, Ke Wei, Suraj Kothari	Eliminating SQL Injection Attacks - A Transparent Defense Mechanism.	WSE	2006	DBLP DOI BibTeX RDF
2	Mário Guimarães	New challenges in teaching database security.	InfoSecCD	2006	DBLP DOI BibTeX RDF	data mining, DBMS, data warehouse, MLS, SQL injection, DBA
2	Stefan Kals, Engin Kirda, Christopher Krügel, Nenad Jovanovic	SecuBat: a web vulnerability scanner.	WWW	2006	DBLP DOI BibTeX RDF	automated vulnerability detection, security, crawling, SQL injection, XSS, cross-site scripting, scanner
2	Jin-Cherng Lin, Jan-Min Chen	An Automatic Revised Tool for Anti-Malicious Injection.	CIT	2006	DBLP DOI BibTeX RDF	Complete crawling, Malicious injection, Security, SQL Injection, Input validation
2	William G. J. Halfond, Alessandro Orso	Combining static analysis and runtime monitoring to counter SQL-injection attacks.	ACM SIGSOFT Software Engineering Notes	2005	DBLP DOI BibTeX RDF
2	Gregory Buehrer, Bruce W. Weide, Paolo A. G. Sivilotti	Using parse tree validation to prevent SQL injection attacks.	SEM	2005	DBLP DOI BibTeX RDF
2	Russell A. McClure, Ingolf H. Krüger	SQL DOM: compile time checking of dynamic SQL statements.	ICSE	2005	DBLP DOI BibTeX RDF	SQL DOM, SQL strings, dynamic SQL, SQL, SQL injection, impedance mismatch
2	Stephen W. Boyd, Angelos D. Keromytis	SQLrand: Preventing SQL Injection Attacks.	ACNS	2004	DBLP DOI BibTeX RDF
1	Inyong Lee, Soonki Jeong, Sangsoo Yeo, Jongsub Moon	A novel method for SQL injection attack detection based on removing SQL query attribute values.	Mathematical and Computer Modelling	2012	DBLP DOI BibTeX RDF
1	Diallo Abdoulaye Kindy, Al-Sakib Khan Pathan	A Detailed Survey on Various Aspects of SQL Injection: Vulnerabilities, Innovative Attacks, and Remedies	CoRR	2012	DBLP BibTeX RDF
1	Yu-Chi Chung, Ming-Chuan Wu, Yih-Chang Chen, Wen-Kui Chang	A Hot Query Bank approach to improve detection performance against SQL injection attacks.	Computers & Security	2012	DBLP DOI BibTeX RDF
1	Abdul Bashah Mat Ali, Ala' Yaseen Ibrahim Shakhatreh, Mohd Syazwan Abdullah, Jasem Alostad	SQL-injection vulnerability scanning tool for automatic creation of SQL-injection attacks.	Procedia CS	2011	DBLP DOI BibTeX RDF
1	Alessandro Orso	SQL Injection Attacks.	Encyclopedia of Cryptography and Security (2nd Ed.)	2011	DBLP DOI BibTeX RDF
1	Takeshi Matsuda, Daiki Koizumi, Michio Sonoda, Shigeichi Hirasawa	On predictive errors of SQL injection attack detection by the feature of the single character.	SMC	2011	DBLP DOI BibTeX RDF
1	Justy Jameson, K. K. Sherly	SQL Injection Disclosure Using BLAH Algorithm.	ACC	2011	DBLP DOI BibTeX RDF
1	Hao Wang, Jinsong Wang, Jian Zhang, Sheng Lin, Chengyi Xia	The Research of Detecting SQL Injection Based on the Connectivity with Its Behavior.	ICFCE	2011	DBLP DOI BibTeX RDF
1	Nidal Khoury, Pavol Zavarsky, Dale Lindskog, Ron Ruhl	An Analysis of Black-Box Web Application Security Scanners against Stored SQL Injection.	SocialCom/PASSAT	2011	DBLP DOI BibTeX RDF
1	A. S. Yeole, B. B. Meshram	Analysis of different technique for detection of SQL injection.	ICWET	2011	DBLP DOI BibTeX RDF
1	V. Shanmughaneethi, Ra. Yagna Pravin, C. Emilin Shyni, S. Swamynathan	SQLIVD - AOP: Preventing SQL Injection Vulnerabilities Using Aspect Oriented Programming through Web Services.	HPAGC	2011	DBLP DOI BibTeX RDF
1	Roshni Chandrashekhar, Manoj Mardithaya, Santhi Thilagam, Dipankar Saha	SQL Injection Attack Mechanisms and Prevention Techniques.	ADCONS	2011	DBLP DOI BibTeX RDF
1	Allen Pomeroy, Qing Tan	Effective SQL Injection Attack Reconstruction Using Network Recording.	CIT	2011	DBLP DOI BibTeX RDF
1	Kunal Sadalkar, Radhesh Mohandas, Alwyn R. Pais	Model Based Hybrid Approach to Prevent SQL Injection Attacks in PHP.	InfoSecHiComNet	2011	DBLP DOI BibTeX RDF
1	Michio Sonoda, Takeshi Matsuda, Daiki Koizumi, Shigeichi Hirasawa	On automatic detection of SQL injection attacks by the feature extraction of the single character.	SIN	2011	DBLP DOI BibTeX RDF
1	Raymond Mui, Phyllis Frankl	Preventing SQL Injection through Automatic Query Sanitization with ASSIST	TAV-WEB	2010	DBLP DOI BibTeX RDF
1	San-Tsai Sun, Konstantin Beznosov	Retrofitting Existing Web Applications with Effective Dynamic Protection Against SQL Injection Attacks.	IJSSE	2010	DBLP DOI BibTeX RDF
1	Prithvi Bisht, Parthasarathy Madhusudan, V. N. Venkatakrishnan	CANDID: Dynamic candidate evaluations for automatic prevention of SQL injection attacks.	ACM Trans. Inf. Syst. Secur.	2010	DBLP DOI BibTeX RDF
1	Cristian Pinzón, Juan Francisco de Paz, Javier Bajo, Álvaro Herrero, Emilio Corchado	AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks.	HIS	2010	DBLP DOI BibTeX RDF
1	Atefeh Tajpour, Maslin Masrom, Mohammad JorJor Zadeh Shooshtari, Hossein Rouhani Zeidanloo	Comparison of SQL Injection Detection and Prevention Tools based on Attack Type and Deployment Requirements.	SEDE	2010	DBLP BibTeX RDF
1	Cristian Pinzón, Álvaro Herrero, Juan Francisco de Paz, Emilio Corchado, Javier Bajo	CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks.	HAIS	2010	DBLP DOI BibTeX RDF
1	Beihua Wu	SQL Injection Defense Mechanisms for IIS+ASP+MSSQL Web Applications.	e-Forensics	2010	DBLP DOI BibTeX RDF
1	Raju Halder, Agostino Cortesi	Obfuscation-based analysis of SQL injection attacks.	ISCC	2010	DBLP DOI BibTeX RDF
1	Ivano Alessandro Elia, José Fonseca, Marco Vieira	Comparing SQL Injection Detection Tools Using Attack Injection: An Experimental Study.	ISSRE	2010	DBLP DOI BibTeX RDF
1	Ben H. Smith, Laurie Williams, Andrew Austin	Idea: Using System Level Testing for Revealing SQL Injection-Related Error Message Information Leaks.	ESSoS	2010	DBLP DOI BibTeX RDF
1	Stephen Thomas, Laurie Williams, Tao Xie	On automated prepared statement generation to remove SQL injection vulnerabilities.	Information & Software Technology	2009	DBLP DOI BibTeX RDF
1	Dimitris Mitropoulos, Diomidis Spinellis	SDriver: Location-specific signatures prevent SQL injection attacks.	Computers & Security	2009	DBLP DOI BibTeX RDF
1	Nuno Antunes, Marco Vieira	Comparing the Effectiveness of Penetration Testing and Static Code Analysis on the Detection of SQL Injection Vulnerabilities in Web Services.	PRDC	2009	DBLP DOI BibTeX RDF
1	Massimo Ficco, Luigi Coppolino, Luigi Romano	A Weight-Based Symptom Correlation Approach to SQL Injection Attacks.	LADC	2009	DBLP DOI BibTeX RDF
1	Nuno Antunes, Marco Vieira	Detecting SQL Injection Vulnerabilities in Web Services.	LADC	2009	DBLP DOI BibTeX RDF
1	Kasra Amirtahmasebi, Seyed Reza Jalalinia, Saghar Khadem	A survey of SQL injection defense mechanisms.	ICITST	2009	DBLP BibTeX RDF
1	Thomas M. Chen, John F. Buford	Design considerations for a honeypot for SQL injection Attacks.	LCN	2009	DBLP DOI BibTeX RDF
1	Daniel W. Yoas	Hashing as a Method of Preventing SQL Injection During Data Retrieval.	SWWS	2009	DBLP BibTeX RDF
1	Cristian Pinzón, Juan Francisco de Paz, Javier Bajo, Juan M. Corchado	An Adaptive Mechanism to Protect Databases against SQL Injection.	JISBD	2009	DBLP BibTeX RDF
1	Youngsang Shin, Steven A. Myers, Minaxi Gupta	A Case Study on Asprox Infection Dynamics.	DIMVA	2009	DBLP DOI BibTeX RDF	Asprox, Security, Malware, SQL Injection
1	Adam Kiezun, Vijay Ganesh, Philip J. Guo, Pieter Hooimeijer, Michael D. Ernst	HAMPI: a solver for string constraints.	ISSTA	2009	DBLP DOI BibTeX RDF	string constraints, regular languages, context-free languages
1	Pieter Hooimeijer, Westley Weimer	A decision procedure for subset constraints over regular languages.	PLDI	2009	DBLP DOI BibTeX RDF	decision procedure, regular language
1	V. Benjamin Livshits, Aditya V. Nori, Sriram K. Rajamani, Anindya Banerjee	Merlin: specification inference for explicit information flow problems.	PLDI	2009	DBLP DOI BibTeX RDF	security analysis tools, specification inference
1	Hossain Shahriar, Mohammad Zulkernine	Automatic Testing of Program Security Vulnerabilities.	COMPSAC	2009	DBLP DOI BibTeX RDF
1	Arjun Dasgupta, Vivek R. Narasayya, Manoj Syamala	A Static Analysis Framework for Database Applications.	ICDE	2009	DBLP DOI BibTeX RDF
1	Hyung Chan Kim, Angelos D. Keromytis, Michael Covington, Ravi Sahita	Capturing Information Flow with Concatenated Dynamic Taint Analysis.	ARES	2009	DBLP DOI BibTeX RDF
1	Nuno Antunes, Nuno Laranjeiro, Marco Vieira, Henrique Madeira	Effective Detection of SQL/XPath Injection Vulnerabilities in Web Services.	IEEE SCC	2009	DBLP DOI BibTeX RDF
1	Bryan Parno, Jonathan M. McCune, Dan Wendlandt, David G. Andersen, Adrian Perrig	CLAMP: Practical Prevention of Large-Scale Data Leaks.	IEEE Symposium on Security and Privacy	2009	DBLP DOI BibTeX RDF
1	Michael C. Martin, Monica S. Lam	Automatic Generation of XSS and SQL Injection Attacks with Goal-Directed Model Checking.	USENIX Security Symposium	2008	DBLP BibTeX RDF
1	Kai Shen, Ming Zhong, Sandhya Dwarkadas, Chuanpeng Li, Christopher Stewart, Xiao Zhang	Hardware counter driven on-the-fly request signatures.	ASPLOS	2008	DBLP DOI BibTeX RDF	operating system adaptation, request classification, server system, anomaly detection, hardware counter
1	James Walden	Integrating web application security into the IT curriculum.	SIGITE Conference	2008	DBLP DOI BibTeX RDF	web security education, web application security
1	Jin-Cherng Lin, Jan-Min Chen, Cheng-Hsiung Liu	An Automatic Mechanism for Sanitizing Malicious Injection.	ICYCS	2008	DBLP DOI BibTeX RDF
1	Yu-Chin Cheng, Chi-Sung Laih, Gu Hsin Lai, Chia-Mei Chen, Tsuhan Chen	Defending On-Line Web Application Security with User-Behavior Surveillance.	ARES	2008	DBLP DOI BibTeX RDF	Web attacks, Markov model, User behavior, Web security, Web application security
1	Nathaniel Ayewah, David Hovemeyer, J. David Morgenthaler, John Penix, William Pugh	Using Static Analysis to Find Bugs.	IEEE Software	2008	DBLP DOI BibTeX RDF
1	William G. J. Halfond, Alessandro Orso, Pete Manolios	WASP: Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation.	IEEE Trans. Software Eng.	2008	DBLP DOI BibTeX RDF	Security and Protection, Protection mechanisms
1	Antonio San Martino, Xavier Perramon	Securing Web Banking Applications.	Financial Cryptography	2008	DBLP DOI BibTeX RDF
1	Sean McAllister, Engin Kirda, Christopher Kruegel	Leveraging User Interactions for In-Depth Testing of Web Applications.	RAID	2008	DBLP DOI BibTeX RDF
1	Theodoros Tzouramanis	SQL Injection Attack as a Threat of Web Portals.	Encyclopedia of Portal Technologies and Applications	2007	DBLP BibTeX RDF
1	William G. J. Halfond, Alessandro Orso	Detection and Prevention of SQL Injection Attacks.	Malware Detection	2007	DBLP DOI BibTeX RDF
1	Ettore Merlo, Dominic Letarte, Giuliano Antoniol	SQL-Injection Security Evolution Analysis in PHP.	WSE	2007	DBLP DOI BibTeX RDF
1	Susanta Nanda, Lap-Chung Lam, Tzi-cker Chiueh	Dynamic multi-process information flow tracking for web application security.	Middleware (Demos and Posters)	2007	DBLP DOI BibTeX RDF	dynamic checking compiler, SQL injection, cross-site scripting, web application security, taint analysis, information flow tracking
1	Michael Dalton, Hari Kannan, Christos Kozyrakis	Raksha: a flexible information flow architecture for software security.	ISCA	2007	DBLP DOI BibTeX RDF	semantic vulnerabilities, dynamic, software security
1	Gary Wassermann, Zhendong Su	Sound and precise analysis of web applications for injection vulnerabilities.	PLDI	2007	DBLP DOI BibTeX RDF	string analysis, static analysis, web applications
1	Alex Roichman, Ehud Gudes	Fine-grained access control to web databases.	SACMAT	2007	DBLP DOI BibTeX RDF	database vulnerability, parameterized view, rolling key, web database security, access control, session key
1	Shiuh-Jeng Wang, Yao-Han Chang, Wen-Ya Chiang, Wen-Shenq Juang	Investigations in Cross-site Script on Web-systems Gathering Digital Evidence against Cyber-Intrusions.	FGCN	2007	DBLP DOI BibTeX RDF	Forensics and Evidence, internet attacks, website systems