Netinfo Security ›› 2015, Vol. 15 ›› Issue (9): 129-134.doi: 10.3969/j.issn.1671-1122.2015.09.030

• Orginal Article • Previous Articles     Next Articles

Research on SQL Injection Attack and Defense Technology

Wen-sheng LIU1(), De-guang LE2, Wei LIU1   

  1. 1. Quanzhou Public Security Bureau Public Information Network Security Supervision Detachment, Quanzhou Fujian 362000, China
    2. Changshu Institute of technology, Suzhou Jiangsu 215500, China
  • Received:2015-07-15 Online:2015-09-01 Published:2015-11-13

Abstract:

With the rapid development of computer network technology, the human is more and more reliance on the ubiquitous network, and a series of network security problem that make people pay more attention on it. At present, the SQL injection attack has become one of the primary means of hacking by hackers. This paper introduces the principle of SQL injection, depth study on the cause of SQL injection and actual combat encounter common SQL injection attack, proposed a new SQL injection detection techniques and tools to achieve in practice on the basis of actual penetration testing, and provides strong technical support for future testing SQL injection attacks or provides powerful guarantee for the information system in the SQL injection defense.

Key words: SQL injection attack, penetration testing, defense

CLC Number: