Code-based Analysis Approach to Detect and Prevent SQL Injection Attacks
暂无分享,去创建一个
[1] Kim-Kwang Raymond Choo,et al. Context-oriented web application protection model , 2016, Appl. Math. Comput..
[2] Giovanni Vigna,et al. A Learning-Based Approach to the Detection of SQL Attacks , 2005, DIMVA.
[3] Angshuman Jana,et al. On Preventing SQL Injection Attacks , 2015, ACSS.
[4] Zhendong Su,et al. The essence of command injection attacks in web applications , 2006, POPL '06.
[5] Alessandro Orso,et al. A Classification of SQL Injection Attacks and Countermeasures , 2006, ISSSE.
[6] Premkumar T. Devanbu,et al. JDBC checker: a static analysis tool for SQL/JDBC applications , 2004, Proceedings. 26th International Conference on Software Engineering.
[7] Benjamin Livshits,et al. Finding Security Vulnerabilities in Java Applications with Static Analysis , 2005, USENIX Security Symposium.
[8] Tadeusz Pietraszek,et al. Defending Against Injection Attacks Through Context-Sensitive String Evaluation , 2005, RAID.
[9] Stéphane Bressan,et al. Introduction to Database Systems , 2005 .
[10] Jay Ligatti,et al. Defining code-injection attacks , 2012, POPL '12.
[11] Richard Sharp,et al. Abstracting application-level web security , 2002, WWW.
[12] D. T. Lee,et al. Securing web application code by static analysis and runtime protection , 2004, WWW '04.
[13] Vineet Agarwal,et al. A new approach of text steganography based on mathematical model of number system , 2014, 2014 International Conference on Circuits, Power and Computing Technologies [ICCPCT-2014].
[14] Alessandro Orso,et al. Combining static analysis and runtime monitoring to counter SQL-injection attacks , 2005, ACM SIGSOFT Softw. Eng. Notes.
[15] Alessandro Orso,et al. AMNESIA: analysis and monitoring for NEutralizing SQL-injection attacks , 2005, ASE.
[16] Mohammad Abu Kausar,et al. Suitability Of Influxdb Database For Iot Applications 1851 , 2019 .
[17] Vitaly Shmatikov,et al. Diglossia: detecting code injection attacks with precision and efficiency , 2013, CCS.
[18] Shih-Kun Huang,et al. Web application security assessment by fault injection and behavior monitoring , 2003, WWW '03.
[19] Angelos D. Keromytis,et al. SQLrand: Preventing SQL Injection Attacks , 2004, ACNS.
[20] Angshuman Jana,et al. A Symbolic Model Checker for Database Programs , 2018, ICSOFT.
[21] Qi Li,et al. Research on SQL Injection Vulnerability Attack model , 2018, 2018 5th IEEE International Conference on Cloud Computing and Intelligence Systems (CCIS).
[22] Cheng-Hsiung Liu,et al. An Automatic Mechanism for Adjusting Validation Function , 2008, 22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008).
[23] V. N. Venkatakrishnan,et al. CANDID: Dynamic candidate evaluations for automatic prevention of SQL injection attacks , 2010, TSEC.
[24] Anh Nguyen-Tuong,et al. Automatically Hardening Web Applications Using Precise Tainting , 2005, SEC.
[25] Angshuman Jana,et al. Defining Abstract Semantics for Static Dependence Analysis of Relational Database Applications , 2016, ICISS.
[26] Shiuh-Pyng Shieh,et al. Web Application Security: Threats, Countermeasures, and Pitfalls , 2017, Computer.
[27] Srinath Srinivasa,et al. Active databases as information systems , 2004, Proceedings. International Database Engineering and Applications Symposium, 2004. IDEAS '04..
[28] Agostino Cortesi,et al. Data Leakage Analysis of the Hibernate Query Language on a Propositional Formulae Domain , 2016, Trans. Large Scale Data Knowl. Centered Syst..
[29] Bruce W. Weide,et al. Using parse tree validation to prevent SQL injection attacks , 2005, SEM '05.
[30] R.A. McClure,et al. SQL DOM: compile time checking of dynamic SQL statements , 2005, Proceedings. 27th International Conference on Software Engineering, 2005. ICSE 2005..
[31] Agostino Cortesi,et al. Policy-Based Slicing of Hibernate Query Language , 2015, CISIM.
[32] Michael Franz,et al. Dynamic taint propagation for Java , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).
[33] Ramez Elmasri,et al. Fundamentals of Database Systems , 1989 .
[34] Agostino Cortesi,et al. Extending Abstract Interpretation to Dependency Analysis of Database Applications , 2020, IEEE Transactions on Software Engineering.