Computer Science ›› 2019, Vol. 46 ›› Issue (1): 201-205.doi: 10.11896/j.issn.1002-137X.2019.01.031
• Information Security • Previous Articles Next Articles
YIN Zhong-xu, ZHANG Lian-cheng
CLC Number:
[1]OWASP Top 10-2013[EB/OL].https://www.owasp.org/images/f/f8/OWASP_Top_10_-_2013.pdf.2013/2014-08-21.<br /> [2]2016年中国互联网安全报告[EB/OL].http://zt.360.cn/1101061855.php?dtid=1101062370&did=490280697.<br /> [3]BOYD S W,KEROMYTIS A D.SQLrand:Preventing SQL Injection Attacks[M].New Ywork:Springer Berlin Heidelberg,2004:292-302.<br /> [4]GOULD C,SU Z,DEVANBU P.Static checking of dynamically generated queries in database applications[J].Acm Transactions on Software Engineering & Methodology,2004,16(4):645-654.<br /> [5]LE D G,LI X,GONG S R,et al.Research on second-order SQL injection techniques[J].Journal on Communications,2015,36(S1):85-93.(in Chinese)<br /> 乐德广,李鑫,龚声蓉,等.新型二阶SQL注入技术研究[J].通信学报,2015,36(S1):85-93.<br /> [6]VALEUR F,MUTZ D,VIGNA G.A Learning-Based Approach to the Detection of SQL Attacks[C]//International Conference on Detection of Intrusions & Malware.2005:123-140.<br /> [7]GAURAV T,PHILIP K.CHAN.On the learning of system call attributes for host-based anomaly detection[J].International Journal on Artificial Intelligence Tools,2011,15(6):875-892.<br /> [8]TORRANO-GIMENEZ C,PEREZ-VILLEGAS A,ÁLVAREZ G.An Anomaly-based Web Application Firewall[C]//Security and Cryptography.2009:23-28.<br /> [9]UWAGBOLE S O,BUCHANAN W J,FAN L.Applied Web Traffic Analysis for Numerical Encoding of SQL Injection Attack Features[C]//Proceedings of the European Conference on Cyber Warfare and Security(Eccws 2016).2016.<br /> [10] ČISAR P,CˇISAR S M.The framework of runtime application self-protection technology[C]//International Symposium on Computational Intelligence and Informatics.IEEE,2017:000081-000086.<br /> [11]SENDIANG M,POLII A,MAPPADANG J.Minimization of SQL injection in scheduling application development[C]//International Conference on Knowledge Creation and Intelligent Computing.IEEE,2017:14-20.<br /> [12]MØLLER A.The Big Manual for the Java String Analyzer:Latest release:version 2.1-1,November 30,2009[J].Nucleic Acids Research,2012,40(14):6520-33.<br /> [13]SHELDON R.Transact-SQL Formatting Standards (Coding Styles)[EB/OL].https://www.red-gate.com/simple-talk/sql/t-sql-programming/transact-sql-formatting-standards-(coding-sty-les).<br /> [14]YAN M M,MUY M,HE Y J,et al.The Analysis of Function Calling Path in Java Based on Soot[J].Applied Mechanics & Materials,2014,568-570:1479-1487.<br /> [15]WebCastellum[EB/OL].https://sourceforge.net/projects/web-castellum/2014/2015-07-15. |
[1] | JIANG Cheng-man, HUA Bao-jian, FAN Qi-liang, ZHU Hong-jun, XU Bo, PAN Zhi-zhong. Empirical Security Study of Native Code in Python Virtual Machines [J]. Computer Science, 2022, 49(6A): 474-479. |
[2] | CHENG Xi, CAO Xiao-mei. SQL Injection Attack Detection Method Based on Information Carrying [J]. Computer Science, 2021, 48(7): 70-76. |
[3] | ZHU Jun-wen. SQL InJection Recognition Based on Improved BP Neural Network [J]. Computer Science, 2020, 47(6A): 352-359. |
[4] | LI Hao, ZHONG Sheng, KANG Yan, LI Tao, ZHANG Ya-chuan, BU Rong-jing. API Recommendation Model with Fusion Domain Knowledge [J]. Computer Science, 2020, 47(11A): 544-548. |
[5] | WAN Zhuo-hao,XU Dong-dong,LIANG Sheng,HUANG Bao-hua. Study on SQL Injection Detection Based on N-Gram [J]. Computer Science, 2019, 46(7): 108-113. |
[6] | DONG Jia-xing and XU Chang. Efficient Clone Detection Technique for Functionally Similar Programs [J]. Computer Science, 2017, 44(4): 12-15. |
[7] | LIU Yan-na, CHEN Li and TANG Sheng-lin. Error Checking Tool for DAG-based Task Parallel Programs [J]. Computer Science, 2017, 44(3): 38-41. |
[8] | ZHANG Chi, HUANG Zhiqiu and DING Zewen. Research on Static Analysis Formalism Supporting Abstract Interpretation [J]. Computer Science, 2017, 44(12): 126-130. |
[9] | WU Shao-hua, CHENG Shu-bao and HU Yong. Web Attack Detection Method Based on Support Vector Machines [J]. Computer Science, 2015, 42(Z6): 362-364. |
[10] | ZHANG Yang, ZHANG Dong-wen and QIU Jing. Automated Refactoring Framework for Java Locks [J]. Computer Science, 2015, 42(11): 84-89. |
[11] | ZHANG Hai-bo, AN Hong, HE Song-tao, SUN Tao, WANG Tao, PENG Yi and CHENG Yi-chao. Program Phase Analysis and Phase Detection Techniques [J]. Computer Science, 2015, 42(1): 71-74. |
[12] | . Method of Android Applications Permission Detection Based on Static Dataflow Analysis [J]. Computer Science, 2012, 39(Z11): 16-18. |
[13] | . Research and Analysis of the Novel SQI. Injection Technique [J]. Computer Science, 2012, 39(Z11): 415-417. |
[14] | YANG Jie,XU Heng-yang,AN Hong,LIU Yu,WANG Yao-bin. Pview: A Novel Implementation of Fundamental Supports for Parallel Programs Performance Monitoring Based on PMU [J]. Computer Science, 2011, 38(2): 288-292. |
[15] | XU Jian-jun,TAN Qing-ping. Static Analysis of Soft Errors Effect in Register Files for Program Reliability [J]. Computer Science, 2011, 38(1): 290-294. |
|