Ontology for Blind SQL Injection

SQL Injection Evasion Detection

Preventing SQL Injection Attacks

With the recent rapid increase in web based applications that employ back-end database services, results show that SQL Injection and Remote File Inclusion are the two frequently used exploits rather than using other complicated techniques. With the rise in use of web applications, SQL injection based attacks are gradually increasing and is now one of the most common attacks in the internet. It ...

Inferential SQL Injection Attacks

This paper describes a class of SQL injection attacks (SQLIA) where attackers can deduce information from the back-end database management system (DBMS) without transferring actual data. Instead, by using predetermined differentiation mechanism, information is being inferred piece by piece. Because of its widespread success, particularly in difficult situations where other SQLIA classes fail, u...

SQL-injection vulnerability scanning tool for automatic creation of SQL-injection attacks

Securing the web against frequent cyber attacks is a big concern as attackers usually intend to snitch private information, financial information, deface and damages websites to prove their hacking capabilities. This type of vandalism may drive many corporations that conduct their business through the web to suffer financial and reputation damages. One of the most dangerous cyber attacks is the...

An Automatic Detection System for SQL Injection

The growth of the internet is increasing day by day, mostly content is database driven. There are many web applications like E-Commerce, banking where he/she has to trust on this application and have to provide personal information into their underlying database. If there is no confidentiality and security of information then any one can steal or see our information or may utilize this informat...