SQL Injection Attack and Countermeasures

SQL injection has become a predominant type of attacks that target web applications. It allows attackers to obtain unauthorized access to the back-end database by submitting malicious SQL query segments to change the intended application-generated SQL queries. Researchers have proposed various solutions to address SQL injection problems. However, many of them have limitations and often cannot address all kinds of injection problems. What s more, new types of SQL injection attacks have arisen over the years. To better counter these attacks, identifying and understanding the types of SQL injections and existing countermeasures are very important.This book presents a review of different types of SQL injections and illustrated how to use them to perform attacks. It also surveys existing techniques against SQL injection attacks and analyzed their advantages and disadvantages. In addition, It identifies techniques for building secure systems and applied them to my applications and database system, and illustrated how they were performed and the effect of them.

Autorentext

Six years of Professional Experience. Publications on SQLIA: 1.Preventing SQL Injection Attacks on .NET Applications - An Approach 2.Token Based Approach To Block SQL Injection Attacks 3.An Approach to prevent SQL injection attacks- A way to secure Query Processing 4.A survey of SQLIA Countermeasures