Analysis and Defense of SQL Injection Attacks in ASP.NET Application

doi:10.3969/j.issn.1006-2475.2014.03.035

Abstract

Abstract: Aiming at the SQL injection attack problem in ASP.NET application, after the analysis on the approach and method of injection attacks, a three-level prevention model is put forward from the aspect of input filtering, statement parameters and SQL keywords escaping. With this model, we can customize the rule of keywords escaping and block the approach of SQL injection attacks effectively. The result of experiments verifies the feasibility and effectiveness of this prevention model.

Key words: SQL filter, model, security, attack


CLC Number:

TP393.08

CHU Long-xian. Analysis and Defense of SQL Injection Attacks in ASP.NET Application[J]. Computer and Modernization, doi: 10.3969/j.issn.1006-2475.2014.03.035.

[1]	WANG Hong-jie, XU Sheng-chao, YANG Bo, MAO Ming-yang, JIANG Jin-ling. Automatic Arrangement Method of Cloud Network Security Service Chain Based on SRv6 Technology [J]. Computer and Modernization, 2024, 0(01): 1-5.
[2]	CAI Si-mu, WANG Li-bin. A Universally-composable Secure Non-interactive Commitment Scheme [J]. Computer and Modernization, 2024, 0(01): 6-12.
[3]	HAN Kun, WANG Zheng, DUAN Jun-yong, YANG Hua-lin. Overview of Data Processing Techniques for MIoT Based on Fog Computing [J]. Computer and Modernization, 2024, 0(01): 13-20.
[4]	PENG Zong-yu, HUANG Kai-qi, SU Jian-hua, WANG Li-li. Visual Servo Based on Model-free Adaptive Control [J]. Computer and Modernization, 2024, 0(01): 29-34.
[5]	LI Shi-bao, CONG Yu-jie. ZigBee Indoor Location Algorithm Based on Dynamic Modification of RSSI Parameters [J]. Computer and Modernization, 2024, 0(01): 35-40.
[6]	ZHAN Shao-qiang, ZENG An, ZHANG Yi-qun, SUN Hong-tao, ZHANG Xiao-bo. Two-stage Critical Disease Prediction Model Based on Heterogeneous Attribute Fusion [J]. Computer and Modernization, 2024, 0(01): 67-73.
[7]	DU Kang, GUO Lu-yu, XU Qi-lei, SHAN Bao-ming, ZHANG Fang-kun. Infrared Spectrum Modeling Method Based on Variable Selection of Model#br# Population Analysis#br# [J]. Computer and Modernization, 2023, 0(12): 48-52.
[8]	CHEN Chao, GU Qing-feng. Design of Hybrid Workload-oriented Distributed Meteorological Data Management System [J]. Computer and Modernization, 2023, 0(12): 118-122.
[9]	LI Xiang, ZHUANG Yi. Critical Fault Point Identification Method for Routing Algorithms Using XGBoost [J]. Computer and Modernization, 2023, 0(11): 75-81.
[10]	ZHANG Chun-hui, NIE Yun, WANG Guo-wei. Real-time Rendering Algorithm for Spatial Targets in Air-space 3D Simulation [J]. Computer and Modernization, 2023, 0(11): 82-88.
[11]	ZHANG Nan, LI Wen-jing, LIU Cai, XIE Ke, MA Shi-qian, XIAO Jun-hao, ZOU Feng. Real-time Behavioral Safety Warning for Power Operators Based on Multi-source Data [J]. Computer and Modernization, 2023, 0(10): 84-91.
[12]	JI Xin-cheng, WANG Yan-kai, ZHANG Ying, XU Yan-jie. Prediction of Bayesian Optimized Gradient Boosting Tree for Interior Natural Illuminance Distribution [J]. Computer and Modernization, 2023, 0(09): 44-50.
[13]	LIU Rui-xue, LI Wen, LIU Fang, DU Shou-guo. Prediction of Time Series with Missing Value Based on Tensor Autoregressive Completion [J]. Computer and Modernization, 2023, 0(09): 51-58.
[14]	GUAN Jin-ping, YANG Jin-ji, YANG Cheng-long. Formal Verification of Raft Protocol Based on Probabilistic Model [J]. Computer and Modernization, 2023, 0(09): 77-81.
[15]	SHAO Bi-lin, CHENG Wan-rong. Short-Term Natural Gas Load Forecasting Based on SARIMA Model [J]. Computer and Modernization, 2023, 0(08): 54-59.

Analysis and Defense of SQL Injection Attacks in ASP.NET Application

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments