CANDID: Preventing SQL Injection Attacks Using Dynamic Candidate Evaluations

ACM Conference on Computer and Communications Security, pp. 12-24, 2007.

Cited by: 147

Abstract:

SQL injection attacks are one of the topmost threats for applications written for the Web. These attacks are launched through specially crafted user input on web applications that use low level string operations to construct SQL queries. In this work, we exhibit a novel and powerful scheme for automatically transforming web applications t...
