| Publisher | Association for Computing Machinery | ||
|---|---|---|---|
| Format | 134.2KB PDF | Date added | 12 Mar 2006 |
| Topics | Network Security, Security Tools, Intrusion Detection Systems | ||
| Downloads | 11 | ||
SQL injection attacks potentially affect all applications, especially web applications, that utilize a database backend. While these attacks are generally against the applications and not the database directly, there are some techniques that can be deployed to mitigate the risk at the database server. Database intrusion detection systems are often based on signatures of known exploits and honey tokens, traps set in the database. This paper examines the threat from SQL injection attacks, the reasons traditional database access control is not sufficient to stop them, and some of the techniques used to detect them. Moreover, it proposes a model for an anomalous SQL detector which observes the database traffic from the perspective of the database server itself.
Did you find this white paper useful?
22 out of 23 users found this white paper useful
Related white papers
MessageLabs Intelligence : 2009 security Predictions
Having analyzed the global threat landscape for almost a decade, MessageLabs Team Skeptic™ is comprised of many world-renowned malware and spam experts who have a global view of threats across...
Tangled Web : Undercover Threats, Invisible Enemies
MessageLabs offers integrated web and email security services proven to stay a step ahead of the bad guys. Its Web Security service, for example, includes anti-spyware and anti-virus protection, as...
Security & trust: the backbone of doing business over the internet
In e-commerce consumers are concerned about indentity theft. TNS research reported in 2006 70% of online shoppers have abandoned a purchase beacuase of security concerns. This white paper explores the...
IDC Vendor Spotlight
Organised ubiquity is a must for organisations to sucessfully "project" their users in any given landspace, at any given time, with secuirty policy. This White Paper covers issues surrounding secure...
Staying a step ahead of the hackers: the importance of identifying critical Web application vulnerabilities
Managers work to better manage the risks associated with their business infrastructure. Web application security plays a significant role in achieveing this goal. This white paper deals with issues surrounding...
Web application security: automated scanning versus manual penetration testing.
research has shown that a vast number of web sites are vunerable to application attacks, most occur over HTTP/S protocals. There are twom methods to detect web vunerablity . This...
Trend Micro Enterprise Security white paper
This white paper reviews the content security threat landscape and how it has evolved into a more dangerous and high risk environment. The paper discussed how conventional content security approaches...
