The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
Embedded SQL은 SQL 문을 호스트 프로그래밍 언어에 삽입하고 프로그램 런타임 시 실행합니다. SQL 주입은 알려진 공격 기술입니다. 그러나 Embedded SQL에는 탐지 기술이 도입되지 않았습니다. 본 논문에서는 C/C++ 호스트 프로그래밍 언어의 SQL 주입 취약점을 탐지할 수 있는 후보 코드 생성 기반 기술을 소개합니다.
Young-Su JANG
Korea Polytechnics
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
부
Young-Su JANG, "Detection of SQL Injection Vulnerability in Embedded SQL" in IEICE TRANSACTIONS on Information,
vol. E103-D, no. 5, pp. 1173-1176, May 2020, doi: 10.1587/transinf.2019EDL8143.
Abstract: Embedded SQL inserts SQL statements into the host programming language and executes them at program run time. SQL injection is a known attack technique; however, detection techniques are not introduced in embedded SQL. This paper introduces a technique based on candidate code generation that can detect SQL injection vulnerability in the C/C++ host programming language.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2019EDL8143/_p
부
@ARTICLE{e103-d_5_1173,
author={Young-Su JANG, },
journal={IEICE TRANSACTIONS on Information},
title={Detection of SQL Injection Vulnerability in Embedded SQL},
year={2020},
volume={E103-D},
number={5},
pages={1173-1176},
abstract={Embedded SQL inserts SQL statements into the host programming language and executes them at program run time. SQL injection is a known attack technique; however, detection techniques are not introduced in embedded SQL. This paper introduces a technique based on candidate code generation that can detect SQL injection vulnerability in the C/C++ host programming language.},
keywords={},
doi={10.1587/transinf.2019EDL8143},
ISSN={1745-1361},
month={May},}
부
TY - JOUR
TI - Detection of SQL Injection Vulnerability in Embedded SQL
T2 - IEICE TRANSACTIONS on Information
SP - 1173
EP - 1176
AU - Young-Su JANG
PY - 2020
DO - 10.1587/transinf.2019EDL8143
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E103-D
IS - 5
JA - IEICE TRANSACTIONS on Information
Y1 - May 2020
AB - Embedded SQL inserts SQL statements into the host programming language and executes them at program run time. SQL injection is a known attack technique; however, detection techniques are not introduced in embedded SQL. This paper introduces a technique based on candidate code generation that can detect SQL injection vulnerability in the C/C++ host programming language.
ER -