{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,8]],"date-time":"2024-09-08T23:06:23Z","timestamp":1725836783912},"publisher-location":"New Delhi","reference-count":22,"publisher":"Springer India","isbn-type":[{"type":"print","value":"9788132226482"},{"type":"electronic","value":"9788132226505"}],"license":[{"start":{"date-parts":[[2015,11,3]],"date-time":"2015-11-03T00:00:00Z","timestamp":1446508800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-81-322-2650-5_4","type":"book-chapter","created":{"date-parts":[[2015,11,5]],"date-time":"2015-11-05T11:34:39Z","timestamp":1446723279000},"page":"49-64","source":"Crossref","is-referenced-by-count":12,"title":["On Preventing SQL Injection Attacks"],"prefix":"10.1007","author":[{"given":"Bharat Kumar","family":"Ahuja","sequence":"first","affiliation":[]},{"given":"Angshuman","family":"Jana","sequence":"additional","affiliation":[]},{"given":"Ankit","family":"Swarnkar","sequence":"additional","affiliation":[]},{"given":"Raju","family":"Halder","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,11,3]]},"reference":[{"issue":"2","key":"4_CR1","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/1698750.1698754","volume":"13","author":"Prithvi Bisht","year":"2010","unstructured":"Bisht, P., Madhusudan, P., Venkatakrishnan, V.N.: Candid: dynamic candidate evaluations for automatic prevention of sql injection attacks. ACM Trans. Inf. Syst. Secur. 13(2), 14:1\u201314:39 (2010)","journal-title":"ACM Transactions on Information and System Security"},{"key":"4_CR2","first-page":"292","volume-title":"RoboCup 2005: Robot Soccer World Cup IX","author":"Stephen W. 
Boyd","year":"2004","unstructured":"Boyd, S.W., Keromytis, A.D.: Sqlrand: preventing sql injection attacks. In: Proceedings of the 2nd ACNS Conference, pp. 292\u2013302 (2004)"},{"key":"4_CR3","doi-asserted-by":"crossref","unstructured":"Buehrer, G., Weide, B.W., Sivilotti, P.A.G.: Using parse tree validation to prevent sql injection attacks. In: Proceedings of the 5th International Workshop on SEM, pp. 106\u2013113. ACM (2005)","DOI":"10.1145\/1108473.1108496"},{"key":"4_CR4","doi-asserted-by":"crossref","first-page":"219","DOI":"10.1016\/B978-1-59749-424-3.00005-0","volume-title":"SQL Injection Attacks and Defense","author":"Justin Clarke","year":"2009","unstructured":"Clarke, J.: SQL Injection Attacks and Defense, 1st edn. Syngress Publishing, New York (2009)"},{"key":"4_CR5","doi-asserted-by":"publisher","first-page":"52","DOI":"10.1016\/S1571-0661(05)80036-2","volume":"40","author":"M Comini","year":"2000","unstructured":"Comini, M., Gori, R., Levi, G.: Assertion based inductive verification methods for logic programs. Electr. Notes Theor. Comput. Sci. 40, 52\u201369 (2000)","journal-title":"Electr. Notes Theor. Comput. Sci."},{"key":"4_CR6","doi-asserted-by":"crossref","unstructured":"Cook, W.R.: Safe query objects: statically typed objects as remotely executable queries. In: Proceedings of the 27th ICSE, pp. 97\u2013106. ACM (2005)","DOI":"10.1145\/1062455.1062488"},{"key":"4_CR7","unstructured":"Gould, C., Su, Z., Devanbu, P.: Jdbc checker: a static analysis tool for sql\/jdbc applications. In: Proceedings of the 26th ICSE, pp. 697\u2013698. IEEE Computer Society (2004)"},{"key":"4_CR8","doi-asserted-by":"crossref","unstructured":"Halder, R., Cortesi, A.: Obfuscation-based analysis of SQL injection attacks. In: Proceedings of the 15th IEEE Symposium ISCC, pp. 931\u2013938. 
IEEE (2010)","DOI":"10.1109\/ISCC.2010.5546750"},{"key":"4_CR9","doi-asserted-by":"crossref","unstructured":"Halfond, W.G.J., Orso, A.: Amnesia: analysis and monitoring for neutralizing sql-injection attacks. In: Proceedings of the 20th IEEE\/ACM ASE, pp. 174\u2013183. ACM (2005)","DOI":"10.1145\/1101908.1101935"},{"issue":"4","key":"4_CR10","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1082983.1083250","volume":"30","author":"WGJ Halfond","year":"2005","unstructured":"Halfond, W.G.J., Orso, A.: Combining static analysis and runtime monitoring to counter sql-injection attacks. SIGSOFT Softw. Eng. Notes 30(4), 1\u20137 (2005)","journal-title":"SIGSOFT Softw. Eng. Notes"},{"key":"4_CR11","unstructured":"Halfond, W.G., Viegas, J., Orso, A.: A classification of SQL-injection attacks and countermeasures. In: Proceedings of the IEEE International Symposium on Secure Software Engineering. IEEE (2006)"},{"key":"4_CR12","doi-asserted-by":"crossref","unstructured":"Huang, Y.W., Yu, F., Hang, C., Tsai, C.H., Lee, D.T., Kuo, S.Y.: Securing web application code by static analysis and runtime protection. In: Proceedings of the 13th International Conference on WWW, pp. 40\u201352. ACM (2004)","DOI":"10.1145\/988672.988679"},{"issue":"3","key":"4_CR13","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1127878.1127884","volume":"31","author":"GT Leavens","year":"2006","unstructured":"Leavens, G.T., Baker, A.L., Ruby, C.: Preliminary design of jml: a behavioral interface specification language for java. SIGSOFT Softw. Eng. Notes 31(3), 1\u201338 (2006)","journal-title":"SIGSOFT Softw. Eng. Notes"},{"key":"4_CR14","doi-asserted-by":"crossref","unstructured":"Lin, J., Chen, J., Liu, C.: An automatic mechanism for adjusting validation function. In: 22nd AINA, 2008, pp. 602\u2013607. 
IEEE Computer Society, Okinawa, Japan (2008)","DOI":"10.1109\/WAINA.2008.89"},{"key":"4_CR15","unstructured":"Livshits, V.B., Lam, M.S.: Finding security vulnerabilities in java applications with static analysis. In: Proceedings of the 14th Conference on USENIX Security Symposium, vol. 14, p. 18. USENIX Association (2005)"},{"key":"4_CR16","doi-asserted-by":"crossref","unstructured":"McClure, R.A., Kr\u00fcger, I.H.: Sql dom: compile time checking of dynamic sql statements. In: ICSE05: Proceedings of the 27th ICSE, pp. 88\u201396. ACM (2005)","DOI":"10.1145\/1062455.1062487"},{"key":"4_CR17","doi-asserted-by":"crossref","unstructured":"Nguyen-Tuong, A., Guarnieri, S., Greene, D., Shirley, J., Evans, D.: Automatically hardening web applications using precise tainting. In: Security and Privacy in the Age of Ubiquitous Computing, IFIP TC11 20th International Conference on SEC, pp. 295\u2013308 (2005)","DOI":"10.1007\/0-387-25660-1_20"},{"key":"4_CR18","doi-asserted-by":"crossref","unstructured":"Ray, D., Ligatti, J.: Defining code-injection attacks. In: Proceedings of the 39th POPL, pp. 179\u2013190. ACM (2012)","DOI":"10.1145\/2103656.2103678"},{"key":"4_CR19","doi-asserted-by":"crossref","unstructured":"Scott, D., Sharp, R.: Abstracting application-level web security. In: Proceedings of the 11th International Conference on WWW, pp. 396\u2013407. ACM (2002)","DOI":"10.1145\/511446.511498"},{"key":"4_CR20","doi-asserted-by":"crossref","unstructured":"Son, S., McKinley, K.S., Shmatikov, V.: Diglossia: detecting code injection attacks with precision and efficiency. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 1181\u20131192. ACM (2013)","DOI":"10.1145\/2508859.2516696"},{"key":"4_CR21","doi-asserted-by":"crossref","unstructured":"Su, Z., Wassermann, G.: The essence of command injection attacks in web applications. In: Conference Record of the 33rd POPL, pp. 372\u2013382. 
ACM (2006)","DOI":"10.1145\/1111320.1111070"},{"key":"4_CR22","doi-asserted-by":"crossref","unstructured":"Valeur, F., Mutz, D., Vigna, G.: A learning-based approach to the detection of sql attacks. In: Proceedings of the 2nd International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 123\u2013140. Springer (2005)","DOI":"10.1007\/11506881_8"}],"container-title":["Advances in Intelligent Systems and Computing","Advanced Computing and Systems for Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-81-322-2650-5_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,31]],"date-time":"2019-05-31T12:36:08Z","timestamp":1559306168000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-81-322-2650-5_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,11,3]]},"ISBN":["9788132226482","9788132226505"],"references-count":22,"URL":"https:\/\/doi.org\/10.1007\/978-81-322-2650-5_4","relation":{},"ISSN":["2194-5357","2194-5365"],"issn-type":[{"type":"print","value":"2194-5357"},{"type":"electronic","value":"2194-5365"}],"subject":[],"published":{"date-parts":[[2015,11,3]]}}}