Analysis and Verification on SQLIA Vulnerability for Java EE Programs

Analysis and Verification on SQLIA Vulnerability for Java EE Programs

SQLIA vulnerabilities undermine the integrity of the Web background database, and have always been a major threat to Web application security. This paper proposes a solution to detect and verify SQLIA vulnerabilities in Java Web programs. It combines static analysis and dynamic verification, and for...

Full description

Bibliographic Details
Main Author:	GUO Fan, FAN Weiwei
Format:	Article
Language:	zho
Published:	Journal of Computer Engineering and Applications Beijing Co., Ltd., Science Press 2021-02-01
Series:	Jisuanji kexue yu tansuo
Subjects:	structured query language (sql) injection taint propagation semantics static analysis live variable analysis instrumentation dynamic verification
Online Access:	http://fcst.ceaj.org/CN/abstract/abstract2542.shtml

Similar Items

Using Flask for SQLIA Detection and Protection
by: Ann Z. Ablahd, et al.
Published: (2020-06-01)

Using Flask for SQLIA Detection and Protection
by: Ann Z. Ablahd, et al.
Published: (2020-05-01)

DETECTION OF SQL INJECTION VULNERABILITY IN CODEIGNITER FRAMEWORK USING STATIC ANALYSIS
by: Muhammad Fahmi Al Azhar, et al.
Published: (2023-07-01)

Cefuzz: An Directed Fuzzing Framework for PHP RCE Vulnerability
by: Jiazhen Zhao, et al.
Published: (2022-03-01)

An Enhanced Static Taint Analysis Approach to Detect Input Validation Vulnerability
by: Abdalla Wasef Marashdih, et al.
Published: (2023-02-01)

A WEB-APPLICATION QUALITY ASSESSMENT MODEL BASED ON SQL-INJECTION VULNERABILITY DETECTION
by: D. E. Onoshko, et al.
Published: (2019-06-01)

SAMLDroid: A Static Taint Analysis and Machine Learning Combined High-Accuracy Method for Identifying Android Apps with Location Privacy Leakage Risks
by: Guangwu Hu, et al.
Published: (2021-11-01)

Ways to optimize SQL queries to improve database performance in high–load systems
by: Я. Корнага, et al.
Published: (2021-05-01)

Cryptographic Treatment of CryptDB's Adjustable Join
by: Popa, Raluca Ada, et al.
Published: (2012)

OPTIMISATION ANALYSIS OF TRANSACT-SQL QUERIES BASED ON INDEXES
by: Dominika Hodun, et al.
Published: (2017-09-01)

Lightweight and Efficient Hypervisor-Based Dynamic Binary Instrumentation and Analysis Method
by: Jiaye Pan, et al.
Published: (2020-01-01)

INDEXES SELECTION FOR BLOCKS OF RELATED SQL QUERIES
by: Radosław BOROŃSKI
Published: (2012-06-01)

A Static Detection Method for SQL Injection Vulnerability Based on Program Transformation
by: Ye Yuan, et al.
Published: (2023-10-01)

Java deserialization gadget chain discovery method based on hybrid analysis
by: Yongxing WU, Libo CHEN, Kaida JIANG
Published: (2022-04-01)

Design and Implementation of Enabling SQL–Query Processing for Ethereum-Based Blockchain Systems
by: Jongbeen Han, et al.
Published: (2023-10-01)

Selectivity Estimation of Inequality Joins in Databases
by: Diogo Repas, et al.
Published: (2023-03-01)

Optimizing queries in SQL Server 2008
by: Ion LUNGU, et al.
Published: (2010-05-01)

The method of student's query analysis while intelligent computer tutoring in SQL
by: Andrey Chukhray, et al.
Published: (2021-06-01)

DATABASE SEMANTIC MODEL APPLICATION IN NATURAL LANGUAGE USER INTERFACE DEVELOPMENT PROCESS
by: R. V. Posevkin
Published: (2018-03-01)

LotusSQL: SQL Engine for High-Performance Big Data Systems
by: Xiaohan Li, et al.
Published: (2021-12-01)

SQL queries over encrypted databases: a survey
by: Bo Sun, et al.
Published: (2024-12-01)

Tuning Database Pada Sistem Penerimaan Mahasiswa Baru Menggunakan Optimasi Query dan Indexing
by: Amat Deska, et al.
Published: (2023-02-01)

Evaluation of Sub Query Performance in SQL Server
by: Oktavia Tanty, et al.
Published: (2014-03-01)

Multi-path exploration guided by taint and probability against evasive malware
by: Xu Fangzhou, et al.
Published: (2023-01-01)

Sensory quality of meat from crossbred boars in relation to their age and slaughter weight
by: Lenka KOUŘIMSKÁ, et al.
Published: (2018-10-01)

Structured Query Language Learning: Concept Map-Based Instruction Based on Cognitive Load Theory
by: Shin-Shing Shin
Published: (2020-01-01)

Evaluation of Different Interstimulus Rinse Protocols on Smoke Attribute Perception in Wildfire-Affected Wines
by: Jenna A. Fryer, et al.
Published: (2021-09-01)

Automatic Creation of SQL Injection and Cross-Site Scripting Attacks
by: Kiezun, Adam, et al.
Published: (2008)

Inter-laboratory comparison of methods to measure androstenone in pork fat
by: S. Ampuero Kragten, et al.
Published: (2011-01-01)

Query Optimization Techniques in Microsoft SQL Server
by: Costel Gabriel CORLATAN, et al.
Published: (2014-09-01)

Fuzzy improvement of the SQL
by: Hudec Miroslav
Published: (2011-01-01)

Verification methods of a programmer’s knowledge and skills
by: Paweł Hajduk, et al.
Published: (2018-11-01)

Finding Taint-Style Vulnerabilities in Lua Application of IoT Firmware with Progressive Static Analysis
by: Xixing Li, et al.
Published: (2023-08-01)

PQL: KONVERSI SINTAKS SQL MENJADI SINTAKS PQL
by: Benhard Sitohang, et al.
Published: (2007-01-01)

A Determined Algorithm of Code Analysis of Commodity Software
by: Ilya Viktorovich Arzamartsev, et al.
Published: (2013-12-01)

STUDI KASUS LINGUSQL: APLIKASI TRANSAKSI PERDAGANGAN SAHAM
by: Rikky Wenang Purbojati, et al.
Published: (2012-07-01)

The Importance of Developing Preventive Techniques for SQL Injection Attacks
by: Nenad Bedeković, et al.
Published: (2022-01-01)

The essential PROC SQL handbook for SAS users /
by: 249630 Prairie, Katherine, et al.
Published: (2005)

A guide to the SQL standard : a user's guide to the standard database language SQL /
by: 433806 Date, C. J., et al.
Published: (1997)

SQL UŽKLAUSŲ OPTIMIZAVIMO TYRIMAS = SQL QUERY OPTIMIZATION RESEARCH
by: Jurgita Lieponienė
Published: (2017-12-01)