NoSQL Injection: Data Security on Web Vulnerability

No SQL, No Injection? Examining NoSQL Security

NoSQL data storage systems have become very popular due to their scalability and ease of use. This paper examines the maturity of security measures for NoSQL databases, addressing their new query and access mechanisms. For example the emergence of new query formats makes the old SQL injection techniques irrelevant, but are NoSQL databases immune to injection in general? The answer is NO. Here w...

Evaluation of Web Security Mechanisms Using Vulnerability & Attack Injection

A Survey on Security Issues in Big Data and NoSQL

This paper presents a survey on security and privacy issues in big data and NoSQL. Due to the high volume, velocity and variety of big data, security and privacy issues are different in such streaming data infrastructures with diverse data format. Therefore, traditional security models have difficulties in dealing with such large scale data. In this paper we present some security issues in big ...

Web Application Security by SQL Injection DetectionTools

SQL injection is a type of attack which the attacker adds Structured Query Language code to a web form input box to gain access or make changes to data. SQL injection vulnerability allows an attacker to flow commands directly to a web application's underlying database and destroy functionality or confidentiality. Researchers have proposed different tools to detect and prevent this vulnerability...

ASVC: An Automatic Security Vulnerability Categorization Framework Based on Novel Features of Vulnerability Data

— Security vulnerabilities are a main cause of network security. Vulnerability classification gives us a better understanding of the essence of vulnerabilities, which help propose efficient solutions. However, applying Vulnerability Categorization Standard (VCS) to manually categorize vulnerabilities is impracticable since it is time-consuming and subjective. To address this issue, a new frame...