Litcius/Paper detail

Detection of SQL Injection Vulnerability in Embedded SQL

Young-Su JANG

2020IEICE Transactions on Information and Systems12 citationsDOIOpen Access PDF

Abstract

Embedded SQL inserts SQL statements into the host programming language and executes them at program run time. SQL injection is a known attack technique; however, detection techniques are not introduced in embedded SQL. This paper introduces a technique based on candidate code generation that can detect SQL injection vulnerability in the C/C++ host programming language.

Topics & Concepts

Computer scienceSQL injectionProgramming languageSQLPL/SQLSQL/PSMStored procedureData Transformation ServicesNull (SQL)Language Integrated QueryUser-defined functionCode (set theory)Business Intelligence Markup LanguageData definition languageQuery by ExampleDatabaseOperating systemSet (abstract data type)World Wide WebWeb search querySearch engineWeb Application Security VulnerabilitiesSecurity and Verification in ComputingCloud Data Security Solutions
Detection of SQL Injection Vulnerability in Embedded SQL | Litcius