Welcome to the InfoSci Platform
Exploring Defense of SQL Injection Attack in Penetration Testing

Exploring Defense of SQL Injection Attack in Penetration Testing

Alex Zhu, Wei Qi Yan
Copyright: © 2017 |Volume: 9 |Issue: 4 |Pages: 10
ISSN: 1941-6210|EISSN: 1941-6229|EISBN13: 9781522512301|DOI: 10.4018/IJDCF.2017100106
Cite Article Cite Article

MLA

Zhu, Alex, and Wei Qi Yan. "Exploring Defense of SQL Injection Attack in Penetration Testing." IJDCF vol.9, no.4 2017: pp.62-71. http://doi.org/10.4018/IJDCF.2017100106

APA

Zhu, A. & Yan, W. Q. (2017). Exploring Defense of SQL Injection Attack in Penetration Testing. International Journal of Digital Crime and Forensics (IJDCF), 9(4), 62-71. http://doi.org/10.4018/IJDCF.2017100106

Chicago

Zhu, Alex, and Wei Qi Yan. "Exploring Defense of SQL Injection Attack in Penetration Testing," International Journal of Digital Crime and Forensics (IJDCF) 9, no.4: 62-71. http://doi.org/10.4018/IJDCF.2017100106

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

SQLIA is adopted to attack websites with and without confidential information. Hackers utilized the compromised website as intermediate proxy to attack others for avoiding being committed of cyber-criminal and also enlarging the scale of Distributed Denial of Service Attack (DDoS). The DDoS is that hackers maliciously turn down a website and make network resources unavailable to web users. It is extremely difficult to effectively detect and prevent SQLIA because hackers adopt various evading SQLIA Intrusion Detection System techniques. Victims may not be even aware of that their confidential data has been compromised for a long time. In this paper, our contribution is that we evaluate several most popular open source SQLIA tools and SQLIA prevention tools with both qualitative and quantitative assessments.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.