A Defense Model against SQL Injection Based on Parameterized Queries
Authors
Kuan Song, Hua Zhang
Corresponding Author
Kuan Song
Available Online February 2016.
- DOI
- 10.2991/iccsae-15.2016.95
- Keywords
- SQL injection; parameterized queries; defense model; web application security.
- Abstract
The SQL injection attack is one of the top threats to web applications. Most previously proposed methods for detecting SQL injection attacks suffer from false positives and false negatives. This paper describes a defense model against SQL injection based on parameterized queries. Results show that our method improves accuracy and efficiency.
- Copyright
- © 2016, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF
AU - Kuan Song
AU - Hua Zhang
PY - 2016/02
DA - 2016/02
TI - A Defense Model against SQL Injection Based on Parameterized Queries
BT - Proceedings of the 2015 5th International Conference on Computer Sciences and Automation Engineering
PB - Atlantis Press
SP - 515
EP - 518
SN - 2352-538X
UR - https://doi.org/10.2991/iccsae-15.2016.95
DO - 10.2991/iccsae-15.2016.95
ID - Song2016/02
ER -