References
- Open Web Application Security Project (OWASP) report, https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf.
- First Occurrence, https://www.esecurityplanet.com/network-security/how-was-sql-injection-discovered.html, last accessed 2018/10/14.
- Shehu, B.: A literature review and comparative analyses on sql injection: vulnerabilities, attacks and their prevention and detection techniques. International journal of computer science issues (IJCSI), vol. 11, pp. 28-37 (2014).
- Sending, M., Polii, A., Mappadang, J.: Minimization of sql injection in scheduling application development. In: International Conference on Knowledge Creation and Intelligent Computing (KCIC), pp. 14-20. IEEE, Manado, Indonesia (2016).
- Bossi, L., Bertino, E., Hussain, S.R.: A system for profiling and monitoring database access patterns by application programs for anomaly detection. IEEE Transactions on software engineering, vol. 43, pp. 415-431 (2017). doi: 10.1109/TSE.2016.2598336
- Focardi, R., Luccio, F.L., Squarcina, M.: Fast sql blind injection in high latency networks. In: IEEE First AESS European Conference on Satellite Telecommunications (ESTEL), pp. 1-6. IEEE, Rome, Italy (2012).
- Patel, N., Mohammed, F., Soni, S.: Sql injection attacks: techniques and protection mechanisms. International journal of computer science issues (IJCSI), vol. 3, pp. 199-203 (2011).
- Philippaerts, P., Younan, Y., Muylle, S., Piessens, F.: CPM: masking code pointers to prevent code injection attacks. ACM Transactions on information and system security, vol. 16, pp. 1-27 (2013). doi: 10.1145/2487222.2487223
- Xiao, L., Matsumoto, S., Ishikawa, T., Sakurai, K.: Sql injection attack detection method using expectation criterion. In: Fourth international symposium on computing and networking, pp. 649-654. IEEE, Hiroshima, Japan (2016).
- Kar, D., Panigrahi, S., Sundararajan, S.: SQLiDDS: sql injection detection using query transformation and document similarity. In: International Conference on ICDCIT, pp. 377-390. Springer, Switzerland (2015).
- IndexedDB, https://developer.mozilla.org/en-US/docs/Web/API/IndexedDB_API.
- UML diagrams, http://www.uml.org/, last accessed 2018/10/14.
- ProPolice Tool, https://www.usenix.org/legacyurl/propolice.
- ASLR, https://en.wikipedia.org/wiki/Address_space_layout_randomization.
- Choras, M., Kozik, R., Puchalski, D., Holubowicz, W.: Correlation approach for sql injection attacks detection. In: International Joint Conference CISIS’12-ICEUTÉ12-SOCÓ12, pp. 177-185. Springer, Heidelberg (2013).
- SqlMap Tool, http://sqlmap.org/, last accessed 2018/10/14.
- Apache Scalp Tool, https://code.google.com/archive/p/apache-scalp/.
- Snort, https://www.snort.org/, last accessed 2018/10/14.
- Mehta, P., Sharda, J., Das, M.: SQLshield: preventing sql injection attacks by modifying user input data. In: International Conference on Information Systems Security (ICISS), pp. 192-206. Springer, Kokatta, India(2015).
- SQL Parser, http://www.sqlparser.com/products.php, last accessed 2018/10/14.
- Singh, G., Kant, D., Gangwar, U., Singh, A.P.: Sql injection detection and correction using machine learning techniques. In: Emerging ICT for Bridging the Future - 49th Proceedings of the Annual Convention of the Computer Society of India (CSI), vol. 1, pp. 435-442. Springer, Switzerland (2015).
- Li, P., Liu, L., Xu, J., Yang, H., Yuan, L., Guo, C., Ji, X.: Application of hidden markov model in sql injection detection. In: Annual computer software and applications conference, pp. 578-583. IEEE, Turin, Italy (2017).
- Dubey, R., Gupta, H.: SQL filtering: an effective technique to prevent sql injection attack. In: International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO), pp. 312-317. IEEE, India (2016).
- Qbea’h, M., Alshraideh, M., Sabri, K.E.: Detecting and preventing sql injection attacks: a formal approach. In: Cybersecurity and Cyberforensics Conference, pp. 123-129. IEEE, Amman, Jordan (2016).
- Havji Tool, https://kalilinuxtutorials.com/havij-download-sql-injection/.
- Aziz, B., Bader, M., Hippolyte, C.: Search based sql injection attack testing using genetic programming. In: European Conference on Genetic Programming (EuroGP). pp. 183-198. Springer, Porto, Portugal (2016).
- SuiteCRM Tool, https://suitecrm.com/, last accessed 2018/10/14.
- Raj, Shaji.N., Sherly Elizabeth .: An SQL injection defensive mechanism using reverse insertion technique. In: International Conference on Next Generation Computing Technologies (NGCT 2017), pp. 335-346. Springer, Singapore (2018).