SQL Injection Defense Mechanisms for IIS+ASP+MSSQL Web Applications

Beihua Wu

2nd International ICST Workshop on e-Forensics Law and Judicial

Research Article

SQL Injection Defense Mechanisms for IIS+ASP+MSSQL Web Applications

Download

1112 downloads

Cite: BibTeX Plain Text

@INPROCEEDINGS{10.1007/978-3-642-23602-0_25,
    author={Beihua Wu},
    title={SQL Injection Defense Mechanisms for IIS+ASP+MSSQL Web Applications},
    proceedings={2nd International ICST Workshop on e-Forensics Law and Judicial},
    proceedings_a={E-FORENSICSLAW},
    year={2012},
    month={10},
    keywords={SQL Injection Web sites Security Cybercrime},
    doi={10.1007/978-3-642-23602-0_25}
}

Beihua Wu
Year: 2012
SQL Injection Defense Mechanisms for IIS+ASP+MSSQL Web Applications
E-FORENSICSLAW
Springer
DOI: 10.1007/978-3-642-23602-0_25

Beihua Wu¹^,*

1: East China University of Political Science and Law

*Contact email: wubeihua@ecupl.edu.cn

Abstract

With the sharp increase of hacking attacks over the last couple of years, web application security has become a key concern. SQL injection is one of the most common types of web hacking and has been widely written and used in the wild. This paper analyzes the principle of SQL injection attacks on Web sites, presents methods available to prevent IIS+ASP+MSSQL web applications from these kinds of attacks, including secure coding within the web application, proper database configuration, deployment of IIS and other security techniques. The result is verified by WVS report.

Keywords: SQL Injection Web sites Security Cybercrime

Published: 2012-10-10

: http://dx.doi.org/10.1007/978-3-642-23602-0_25

SQL Injection Defense Mechanisms for IIS+ASP+MSSQL Web Applications

Abstract

About EAI

Community

Publish with EAI