Sarhan et al., 2017 - Google Patents
Understanding and discovering SQL injection vulnerabilitiesSarhan et al., 2017
View PDF- Document ID
- 1108771360072629715
- Author
- Sarhan A
- Farhan S
- Al-Harby F
- Publication year
- Publication venue
- International Conference on Applied Human Factors and Ergonomics
External Links
Snippet
The Internet has become very important today and a large part of everyday life, so it is vital to focus on security for web applications and mobile services, so as to protect electronic commerce, electronic government, social media and all electronic services that transfer …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6263—Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2145—Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2119—Authenticating web pages, e.g. with suspicious links
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/77—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Baldassarre et al. | Integrating security and privacy in software development | |
| Sadqi et al. | A systematic review and taxonomy of web applications threats | |
| Andrews et al. | How to break web software: Functional and security testing of web applications and web services | |
| Gupta et al. | Cross-site scripting attacks: classification, attack, and countermeasures | |
| Baldassarre et al. | Privacy oriented software development | |
| Saqib et al. | Reviewing risks and vulnerabilities in web 2.0 for matching security considerations in web 3.0 | |
| CA3224095A1 (en) | Security risk remediation tool | |
| Bui et al. | Xss vulnerabilities in cloud-application add-ons | |
| Bedeković et al. | The importance of developing preventive techniques for SQL injection attacks | |
| Sarhan et al. | Understanding and discovering SQL injection vulnerabilities | |
| Singh et al. | Detection of web-based attacks by analyzing web server log files | |
| Čović | Threats and Vulnerabilities in Web Applications and How to Avoid Them | |
| Archana Devi et al. | Prevention and detection of SQL injection using query tokenization | |
| Monika et al. | DPLOOP: detection and prevention of loopholes in web application security | |
| Ninawe et al. | Detection of DOM-based XSS attack on web application | |
| Zaini et al. | Exploiting DOM Mutation for the Detection of Ad-injecting Browser Extension | |
| Chaliasos et al. | Mime artist: Bypassing whitelisting for the web with javascript mimicry attacks | |
| Ahuja et al. | EAST: exploitation of attacks and system threats in network | |
| Mishra et al. | XML-Based Authentication to Handle SQL Injection | |
| Alghofaili | Security Analysis of Open Source Content Management Systems Wordpress, Joomla, and Drupal | |
| Snehi | Web client and web server approaches to prevent xss attacks | |
| Jagajeevan Rao et al. | Prevention and analysing on cross site scripting | |
| Niemietz | Analysis of UI redressing attacks and countermeasures | |
| Franken et al. | Security and Privacy Policy Bugs in Browser Engines | |
| Ramadas et al. | Client management system with two factor authentication and anti input injection for Asian Life Travels Sdn Bhd |