A Survey of SQL Injection Attack Detection and Prevention

Elshazly, Khaled; Fouad, Yasser; Saleh, Mohamed S.; Sewisy, Adel A.

doi:10.4236/jcc.2014.28001

Cited by 23 publications

(6 citation statements)

References 5 publications

(5 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The interactivity of online services accepts input from users, which gives hackers a chance to steal data from a venerable system by using injection attacks [22] . To prevent this, end-user devices should validate all user input, permit only minimally privileged accounts to send user input to the server, and run SQL Server with the least necessary privileges [23] .…”

Section: Security Issues and Solutionsmentioning

confidence: 99%

Security and Privacy in Metaverse: A Comprehensive Survey

Huang

Cai

2023

Big Data Min. Anal.

114

View full text Add to dashboard Cite

Metaverse describes a new shape of cyberspace and has become a hot-trending word since 2021. There are many explanations about what Meterverse is and attempts to provide a formal standard or definition of Metaverse.However, these definitions could hardly reach universal acceptance. Rather than providing a formal definition of the Metaverse, we list four must-have characteristics of the Metaverse: socialization, immersive interaction, real world-building, and expandability. These characteristics not only carve the Metaverse into a novel and fantastic digital world, but also make it suffer from all security/privacy risks, such as personal information leakage, eavesdropping, unauthorized access, phishing, data injection, broken authentication, insecure design, and more. This paper first introduces the four characteristics, then the current progress and typical applications of the Metaverse are surveyed and categorized into four economic sectors. Based on the four characteristics and the findings of the current progress, the security and privacy issues in the Metaverse are investigated. We then identify and discuss more potential critical security and privacy issues that can be caused by combining the four characteristics. Lastly, the paper also raises some other concerns regarding society and humanity.

show abstract

Section: Security Issues and Solutionsmentioning

confidence: 99%

Security and Privacy in Metaverse: A Comprehensive Survey

Huang

Cai

2023

Big Data Min. Anal.

114

View full text Add to dashboard Cite

show abstract

“…In line with a standard nomenclature adopted for the database objects, the database and tables were named hssfi_organo_database and hssfi_organo_table respectively. The SQL CREATE command [17] was used in creating these two objects. An important precaution is the issuance of a windows command \c in between database and table creation sessions.…”

Section: System Implementationmentioning

confidence: 99%

Hierarchical Database Construction and Retrieval

2020

IJATCSE

View full text Add to dashboard Cite

There are a number of scientific issues whose solutions require advanced database construction and retrieval techniques. One of such is in dealing with hierarchical database projects. Researchers have attempted to use a number of technological tools and techniques in this regard. This work utilizes Recursive Common Table Expressions (RCTE) to tackle this problem. The three objectives of this work are to demonstrate the construction of a small scale enterprise hierarchical database from the scratch, and to demystify hierarchical database retrieval using recursive query techniques. The practical case used in this work is a Hypothetical Small Scale Financial Institution, termed the HSSFI Bank. The actual implementation of this research was done using PosgreSQL in a Windows Environment, with the conceptualization, hierarchical construction procedures and the system outputs clearly demystified.

show abstract

“…Traditionally, code injection detection is done via static analysis and signature-based detection as well as design of the web application, so as to [14]:…”

Section: Related Workmentioning

confidence: 99%

CODDLE: Code-Injection Detection With Deep Learning

Abaimov

Bianchi

2019

IEEE Access

View full text Add to dashboard Cite

Code Injection attacks such as SQL Injection and Cross-Site Scripting (XSS) are among the major threats for today's web applications and systems. This paper proposes CODDLE, a deep learning-based intrusion detection systems against web-based code injection attacks. CODDLE's main novelty consists in adopting a Convolutional Deep Neural Network and in improving its effectiveness via a tailored pre-processing stage which encodes SQL/XSS-related symbols into type/value pairs. Numerical experiments performed on real-world datasets for both SQL and XSS attacks show that, with an identical training and with a same neural network shape, CODDLE's type/value encoding improves the detection rate from a baseline of about 75% up to 95% accuracy, 99% precision, and a 92% recall value.

show abstract

A Survey of SQL Injection Attack Detection and Prevention

Cited by 23 publications

References 5 publications

Security and Privacy in Metaverse: A Comprehensive Survey

Security and Privacy in Metaverse: A Comprehensive Survey

Hierarchical Database Construction and Retrieval

CODDLE: Code-Injection Detection With Deep Learning

Contact Info

Product

Resources

About