GIẢI PHÁP KIỂM TRA VÀ CẢNH BÁO LỖI CÁC TRANG WEB TỰ ĐỘNG DỰA VÀO KẾT QUẢ QUÉT CỦA CÁC CÔNG CỤ QUÉT LỖI WEB
Tóm tắt
Từ khóa
Toàn văn:
PDFCác tài liệu tham khảo
Mihir Gandhi, JwalantBaria, “SQL INJECTION Attacks in Web Application”, International Journal of Soft Computing and Engineering (IJSCE), ISSN: 2231-2307, Volume-2, Issue-6, January (2013).
AtefehTajpour, Suhaimi Ibrahim, Mohammad Sharifi, “Web Application Security by SQL Injection DetectionTools”, IJCSI International Journal of Computer Science Issues, Vol. 9, Issue 2, No 3, March (2012).
Priyanka, Vijay Kumar Bohat, “Detection of SQL Injection Attack and Various Prevention Strategies”, International Journal of Engineering and Advanced Technology (IJEAT) ISSN: 2249 – 8958, Volume-2, Issue-4, April (2013).
Chad Dougherty, “Practical Identification of SQL Injection Vulnerabilities”, United States Computer Emergency Readiness Team (US-CERT), October 25, (2012).
Inyong Lee , Soonki Jeong Sangsoo Yeoc, Jongsub Moond, “A novel method for SQL injection attack detection based on removing SQL query attribute”, Journal Of mathematical and computer modeling, Elsevier (2011).
Z. Su and G. Wassermann “The essence of command injection attacks in web applications”, In ACM Symposium on Principles of Programming Languages, Jan. (2006).
S. Thomas, L. Williams, and T. Xie, “On automated prepared statement generation to remove SQL injection vulnerabilities”, Information and Software Technology 51, 589–598, (2009).
K. Ahmad, J. Shekhar, and K.P. Yadav, “A Potential Solution to Mitigate SQL Injection Attack” VSRD Technical & Non-Technical Journal, 145-152, Vol. I, (2010).
L. Kishori and K. Sunil, “Detection And Prevention of SQL-Injection Attacks of Web Application Using Comparing Length of SQL Query”, ISSN: 2278- 5140, Volume-1, Issue February, (2012).
Wikipedia, http://en.wikipedia.org/wiki/SQL_injection
Acunetix Web Vulnerability Scanner, http://www.acunetix.com
Netsparker Web Vulnerability Scanner, www.mavitunasecurity.com
Nexpose, http://www.rapid7.com/products/nexpose
Retina Web Security Scanner, www.beyondtrust.com
Nessus Vulnerability Scanner, www.tenable.com
OWASP Zed Attack Proxy Project, www.owasp.org
DOI: http://dx.doi.org/10.37569/DalatUniversity.6.2.42(2016)
Các bài báo tham chiếu
- Hiện tại không có bài báo tham chiếu.
Copyright (c) 2016 Phạm Duy Lộc, Phan Thị Thanh Nga

Công trình này được cấp phép theo Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.