Detection of SQL Injection Vulnerability in Embedded SQL
Summary :
Embedded SQL inserts SQL statements into the host programming language and executes them at program run time. SQL injection is a known attack technique; however, detection techniques are not introduced in embedded SQL. This paper introduces a technique based on candidate code generation that can detect SQL injection vulnerability in the C/C++ host programming language.
- Publication
- IEICE TRANSACTIONS on Information Vol.E103-D No.5 pp.1173-1176
- Publication Date
- 2020/05/01
- Publicized
- 2020/02/13
- Online ISSN
- 1745-1361
- DOI
- 10.1587/transinf.2019EDL8143
- Type of Manuscript
- LETTER
- Category
- Software System
Authors
Young-Su JANG
Korea Polytechnics
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Young-Su JANG, "Detection of SQL Injection Vulnerability in Embedded SQL" in IEICE TRANSACTIONS on Information,
vol. E103-D, no. 5, pp. 1173-1176, May 2020, doi: 10.1587/transinf.2019EDL8143.
Abstract: Embedded SQL inserts SQL statements into the host programming language and executes them at program run time. SQL injection is a known attack technique; however, detection techniques are not introduced in embedded SQL. This paper introduces a technique based on candidate code generation that can detect SQL injection vulnerability in the C/C++ host programming language.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2019EDL8143/_p
Copy
@ARTICLE{e103-d_5_1173,
author={Young-Su JANG, },
journal={IEICE TRANSACTIONS on Information},
title={Detection of SQL Injection Vulnerability in Embedded SQL},
year={2020},
volume={E103-D},
number={5},
pages={1173-1176},
abstract={Embedded SQL inserts SQL statements into the host programming language and executes them at program run time. SQL injection is a known attack technique; however, detection techniques are not introduced in embedded SQL. This paper introduces a technique based on candidate code generation that can detect SQL injection vulnerability in the C/C++ host programming language.},
keywords={},
doi={10.1587/transinf.2019EDL8143},
ISSN={1745-1361},
month={May},}
Copy
TY - JOUR
TI - Detection of SQL Injection Vulnerability in Embedded SQL
T2 - IEICE TRANSACTIONS on Information
SP - 1173
EP - 1176
AU - Young-Su JANG
PY - 2020
DO - 10.1587/transinf.2019EDL8143
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E103-D
IS - 5
JA - IEICE TRANSACTIONS on Information
Y1 - May 2020
AB - Embedded SQL inserts SQL statements into the host programming language and executes them at program run time. SQL injection is a known attack technique; however, detection techniques are not introduced in embedded SQL. This paper introduces a technique based on candidate code generation that can detect SQL injection vulnerability in the C/C++ host programming language.
ER -
English
