SQL Injection (SQLI) is a common vulnerability found in web applications. The starting point of SQLI attack is the client-side (browser). If attack inputs can be detected early at the browse side, then it could be thwarted early by not forwarding the malicious inputs to the server-side for further processing. This paper presents a client-side approach to detect SQLI attacks. The client-side acc...

We present a formal approach for the analysis of attacks that exploit SQLi to violate security properties of web applications. We give a formal representation of web applications and databases, and show that our formalization effectively exploits SQLi attacks. We implemented our approach in a prototype tool called SQLfast and we show its efficiency on four real-world case studies, including the...

The creation of a stoma can profoundly affect a patient's quality of life. A prospective, 3-month multicenter study was conducted to evaluate stoma patient quality of life among volunteers receiving standard clinical follow-up (S) and those receiving intensive follow-up via telephone (I). A total of 336 patients volunteered to participate; 187 in the S group and 149 in the I group; mean age 63+...

Thousands of organisations store important and confidential information related to them, their customers, and their business partners in databases all across the world. The stored data ranges from less sensitive (e.g. first name, last name, date of birth) to more sensitive data (e.g. password, pin code, and credit card information). Losing data, disclosing confidential information or even chang...

Structured Query Language injection (SQLi) attack is a code injection technique where hackers inject SQL commands into a database via a vulnerable web application. Injected SQL commands can modify the back-end SQL database and thus compromise the security of a web application. In the previous publications, the author has proposed a Neural Network (NN)-based model for detections and classificati...

Traditional search engines deal with the Surface Web which is a set of Web pages directly accessible through hyperlinks and ignores a large part of the Web called hidden Web which is a great amount of valuable information of online database which is “hidden” behind the query forms. To access to those information the crawler have to fill the forms with a valid data, for this reason we propose a ...

<p><span>Almost every web-based application is managed and operated through a number of websites, each which vulnerable to cyber-attacks that are mounted across the same networks used by applications, with much less risk attacker than physical attacks. Such attacks make use range modern techniques-such as structured query language injection (SQLi), cross-site scripting, data tamperi...