A Countermeasure to SQL Injection Attack for Cloud Environment

被引：18

作者：

Wu, Tsu-Yang ^{[1
]}

Chen, Chien-Ming ^{[1
]}

Sun, Xiuyang ^{[1
]}

Liu, Shuai ^{[1
]}

Lin, Jerry Chun-Wei ^{[2
]}

机构：

[1] Harbin Inst Technol, Shenzhen Grad Sch, Sch Comp Sci & Technol, Shenzhen, Peoples R China

[2] Harbin Inst Technol, Shenzhen Grad Sch, Sch Comp Sci & Technol, IIIRC, Shenzhen, Peoples R China

来源：

WIRELESS PERSONAL COMMUNICATIONS | 2017年 / 96卷 / 04期

基金：

中国国家自然科学基金;

关键词：

Cloud computing; SQL injection attack; Network security; SECURITY;

D O I：

10.1007/s11277-016-3741-7

中图分类号：

TN [电子技术、通信技术];

学科分类号：

0809 ;

摘要：

Although cloud computing becomes a new computing model, a variety of security threats have been described. Among these threats, SQL injection attack (SQLIA) has received increasing attention recently. In the past, many researchers had proposed several methods to counter SQLIAs. However, these countermeasures of SQLIAs cannot be applied to cloud environments directly. In this paper, we propose a mechanism called CCSD (Cloud Computing SQLIA Detection) to detect SQLIAs. CCSD does not require any access to the application's source code. Hence, it can be directly applied to existing cloud environments. The experimental results demonstrate that CCSD has high accuracy, low false positive rates and low time consumption.

引用

页码：5279 / 5293

页数：15

共 50 条

[31] Neutralizing SQL Injection Attack Using Server Side Code Modification in Web Applications
Dalai, Asish Kumar
Jena, Sanjay Kumar
SECURITY AND COMMUNICATION NETWORKS, 2017,
[32] ANALYSIS OF SQL INJECTION ATTACK IN WEB SERVICE (A CASE STUDY OF WEBSITE IN ACEH PROVINCE)
Munadi, Rizal
Fajri, T. Surya
Meutia, Ernita Dewi
Elizar
PROCEEDINGS OF 2013 3RD INTERNATIONAL CONFERENCE ON INSTRUMENTATION, COMMUNICATIONS, INFORMATION TECHNOLOGY, AND BIOMEDICAL ENGINEERING (ICICI-BME), 2013, : 431 - 435
[33] SQL-Injection Vulnerabilities Resolving using Valid Security Tool in Cloud
Singh, Niharika
Singh, Ashutosh Kumar
PERTANIKA JOURNAL OF SCIENCE AND TECHNOLOGY, 2019, 27 (01): : 159 - 174
[34] SDSIOT: An SQL Injection Attack Detection and Stage Identification Method Based on Outbound Traffic
Fu, Houlong
Guo, Chun
Jiang, Chaohui
Ping, Yuan
Lv, Xiaodan
ELECTRONICS, 2023, 12 (11)
[35] Implementation of an RFID Relay Attack Countermeasure
Guizani, Sghaier
2015 INTERNATIONAL WIRELESS COMMUNICATIONS & MOBILE COMPUTING CONFERENCE (IWCMC), 2015, : 1318 - 1323
[36] Construction method of attack scenario in cloud environment based on dynamic probabilistic attack graph
Wang W.
Du X.
Shan D.
Tongxin Xuebao/Journal on Communications, 2021, 42 (01): : 1 - 17
[37] Detecting DDoS Attack using Software Defined Network (SDN) in Cloud Computing Environment
Bhushan, Kriti
Gupta, B. B.
2018 5TH INTERNATIONAL CONFERENCE ON SIGNAL PROCESSING AND INTEGRATED NETWORKS (SPIN), 2018, : 872 - 877
[38] Cloud droplets freezing attack in cloud computing
Wang, Yichuan
Ma, Jianfeng
Lu, Di
Zhang, Liumei
Meng, Xianjia
Xi'an Dianzi Keji Daxue Xuebao/Journal of Xidian University, 2014, 41 (03): : 116 - 122
[39] A novel countermeasure technique for reactive jamming attack in internet of things
Fadele, Alaba Ayotunde
Othman, Mazliza
Hashem, Ibrahim Abaker Targio
Yaqoob, Ibrar
Imran, Muhammad
Shoaib, Muhammad
MULTIMEDIA TOOLS AND APPLICATIONS, 2019, 78 (21) : 29899 - 29920
[40] The DAO Induction Attack: Analysis and Countermeasure
Shabani Baghani, Ahmad
Rahimpour, Sonbol
Khabbazian, Majid
IEEE INTERNET OF THINGS JOURNAL, 2022, 9 (07) : 4875 - 4887

← 1 2 3 4 5 →