Please use this identifier to cite or link to this item: http://ir.futminna.edu.ng:8080/jspui/handle/123456789/28695
Title: A Component Based SQL Injection Vulnerability Detection Tool
Authors: Atiku, Mustapha
Saidu Aliero, Muhammad
Gani, Imran
Khan, Murad
Bello, Mannir
Keywords: - SQLlV, SQL injection, Web-based, Vulnerability, Component based
Issue Date: 16-Dec-2015
Publisher: IEEE
Citation: 2. M S Aliero, I Ghani, M Khan, M Atiku and M Bello, " A Component Based SQL Injection Vulnerability Detection Tool," 2015 9th Malaysian Software Engineering Conference (MySEC 2015), Kuala Lumpur, Malaysia 16 – 17 December 2015, pp. 224, http://toc.proceedings.com/30378webtoc.pdf
Abstract: Abstract- SQL injection attack (SQLIA) is one of the most severe attacks that can be used against web database driving applications. Attackers' use SQLIA to get unauthorized access to and perform unauthorized data modification. To mitigate the devastating problem of SQLIA, different researchers proposed variety of web penetration testing tools that automation of SQLI vulnerability assessment that result in SQLIA. Recent study shows that there is need for adaptation of object orienting approach in development of application program in order to reduce the cost of integration and maintenance, as well as improve the efficiency of application programs. Most of the proposed SQLIV (SQL injection vulnerability) detection tools by academic researchers seem to focus on improving efficiency or effectiveness of SQLIV detection tool thereby paying less attention to advantage of adopting reusable component. Therefore, this paper propose component based (CBC) SQLIV detection tool that has the potential to enable developer to reuse component where necessary and allow integration and maintenance fast and in less cost. The proposed tool was tested on three different vulnerable web applications after which its effectiveness was compared against seven(7) different SQLIV detection tool accordingly, the result of evaluation proves that the tool has all the potential to detect SQLIV vulnerabilities on different scenarios that other of scanners ware unable to detect
Description: 2015 9th Malaysian Software Engineering Conference (MySEC 2015)
URI: http://repository.futminna.edu.ng:8080/jspui/handle/123456789/28695
ISBN: 9781467382281
Appears in Collections:Information and Media Technology

Files in This Item:
File Description SizeFormat 
proceedings 2015 mysec.pdfConference Proceedings3.46 MBAdobe PDFView/Open


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.