SYNTAX AND SEMANTIC ANALYSIS FOR SQL-INJECTION ATTACKS

Q: How can I download an article?

To download an article from SID, first log in to the site, search for the article title, and click on the 'Download Article' option.

Q: How can I download an ISI article?

To download an ISI article on SID, enter the keyword or article title in the search bar, view the relevant results, click on the desired article, and select the 'Download Article' option.

Q: How can I access the SID database?

To access the SID database, visit SID.ir, create an account, and log in to access scientific resources.

Q: Is downloading articles from SID free?

Some articles on SID are available for free, while others require payment. Details are specified on the article's page.

TAJALLI POUR BAHARE; SAFAEI ALI ASGHAR

مرکز اطلاعات علمی Scientific Information Database (SID) - Trusted Source for Research and Academic Resources

Journal Paper

Paper Information

Journal: JOURNAL OF ELECTRONIC AND CYBER DEFENCE Year:2014 | Volume:2 | Issue:1 (5) Page(s): 83-97

Download Full-Text

Persian Verion

View:

988

Download:

Cites:

Information Journal Paper

Title

SYNTAX AND SEMANTIC ANALYSIS FOR SQL-INJECTION ATTACKS

Author(s)

TAJALLI POUR BAHARE | SAFAEI ALI ASGHAR | Issue Writer Certificate

Keywords

DATABASEQ2

SQL INJECTIONQ2

ONTOLOGYQ1

SEMANTIC ANALYSISQ2

STATIC AND DYNAMIC ANALYSISQ2

DYNAMIC QUERYQ2

Abstract

One of the most critical attacks, threatening the security of DATABASEs is SQL INJECTION attack which is mostly held through web applications. This paper proposes a new method to detect and prevent SQL INJECTION attack. The method is based on combination of both static and dynamic approaches and SEMANTIC ANALYSIS of queries. Run time queries are matched with static list and semantic pattern and as a result the degree of attack factor existence will be checked. ONTOLOGY is used on creation of semantic patterns. According to tests which are gathered from different DATABASEs, this method acts efficiently and flexibly enough to discover new attacks. The suggested architecture, in contrast with the others, is designed in such a way that it does not have a great DATABASE dependency and by some changes it can be used for the other DATABASEs.

Cites

No record.

References

No record.

Cite

APA: Copy

TAJALLI POUR, BAHARE, & SAFAEI, ALI ASGHAR. (2014). SYNTAX AND SEMANTIC ANALYSIS FOR SQL-INJECTION ATTACKS. JOURNAL OF ELECTRONIC AND CYBER DEFENCE, 2(1 (5)), 83-97. SID. https://sid.ir/paper/243201/en

Vancouver: Copy

TAJALLI POUR BAHARE, SAFAEI ALI ASGHAR. SYNTAX AND SEMANTIC ANALYSIS FOR SQL-INJECTION ATTACKS. JOURNAL OF ELECTRONIC AND CYBER DEFENCE[Internet]. 2014;2(1 (5)):83-97. Available from: https://sid.ir/paper/243201/en

IEEE: Copy

BAHARE TAJALLI POUR, and ALI ASGHAR SAFAEI, “SYNTAX AND SEMANTIC ANALYSIS FOR SQL-INJECTION ATTACKS,” JOURNAL OF ELECTRONIC AND CYBER DEFENCE, vol. 2, no. 1 (5), pp. 83–97, 2014, [Online]. Available: https://sid.ir/paper/243201/en

Related Journal Papers