{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,9]],"date-time":"2026-04-09T14:41:58Z","timestamp":1775745718931,"version":"3.50.1"},"reference-count":27,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2020,3,28]],"date-time":"2020-03-28T00:00:00Z","timestamp":1585353600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,3,28]],"date-time":"2020-03-28T00:00:00Z","timestamp":1585353600000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Wireless Pers Commun"],"published-print":{"date-parts":[[2021,4]]},"DOI":"10.1007\/s11277-020-07243-z","type":"journal-article","created":{"date-parts":[[2020,3,28]],"date-time":"2020-03-28T11:02:37Z","timestamp":1585393357000},"page":"2995-3014","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":44,"title":["A Novel Method to Detect and Prevent SQLIA Using Ontology to Cloud Web Security"],"prefix":"10.1007","volume":"117","author":[{"given":"K. Naveen","family":"Durai","sequence":"first","affiliation":[]},{"given":"R.","family":"Subha","sequence":"additional","affiliation":[]},{"given":"Anandakumar","family":"Haldorai","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,3,28]]},"reference":[{"key":"7243_CR1","doi-asserted-by":"publisher","first-page":"3313","DOI":"10.1007\/s11042-016-3718-2","volume":"76","author":"A Azfar","year":"2019","unstructured":"Azfar, A., Choo, K. R., & Liu, L. (2019). Forensic taxonomy of android productivity apps. Multimedia Tools & Applications, 76, 3313\u20133341.","journal-title":"Multimedia Tools & Applications"},{"key":"7243_CR2","unstructured":"Nguyen-Tuong, A., Guarnieri, S., Greene, D., Shirley, J., & Evans, D. (2003). Automatically hardening web applications using precise tainting. In Security & privacy in the age of S. Christensen, A. Moller, & M. I. Schwartzbach. Precise analysis of string expressions. Static Analysis, Proceedings, Vol. 2694, pp. 1\u201318."},{"key":"7243_CR3","unstructured":"Yeole, S., & Meshram, B. B. (2011). Analysis of different technique for detection of SQL injection. In Proceedings of the International Conference & Workshop on Emerging Trends in Technology (ICWET \u201911) (pp. 963\u2013966). Mumbai: ACM."},{"issue":"7","key":"7243_CR4","doi-asserted-by":"publisher","first-page":"696","DOI":"10.1016\/S0148-2963(02)00350-8","volume":"57","author":"A Sharma","year":"2004","unstructured":"Sharma, A., & Sheth, J. N. (2004). Web-based marketing: The coming revolution in marketing thought & strategy. Journal of Business Research, 57(7), 696\u2013702.","journal-title":"Journal of Business Research"},{"key":"7243_CR5","doi-asserted-by":"crossref","unstructured":"Alserhani, F., Akhlaq, M., Awan, I., & Cullen, A. (2011). Event-based alert correlation system to detect SQLI activities. In 2011 IEEE international conference on Advanced Information Networking & Applications (AINA) (pp. 175\u2013182). IEEE.","DOI":"10.1109\/AINA.2011.102"},{"key":"7243_CR6","doi-asserted-by":"crossref","unstructured":"Avireddy, S., et al. (2012). Random4: An application specific randomized encryption algorithm to prevent SQL injection. In 2012 IEEE 11th international conference on Trust, Security & Privacy in Computing & Communications (TrustCom). IEEE.","DOI":"10.1109\/TrustCom.2012.232"},{"key":"7243_CR7","unstructured":"Pankaj, P., Nagle, M., & Pankaj, K. K. (2012). Prevention of buffer prevention of buffer f buffer overflow attack overflow attack overflow attack blocker blocker blocker using IDS. International Journal of Computer Science & Network (IJCSN), 1(5). www.ijcsn.org. ISSN 2277-5420."},{"key":"7243_CR8","unstructured":"Benedikt, M., Freire, J., & Godefroid, P. (2002). VeriWeb: Automatically testing dynamic web sites. In Proceedings of 11th International World Wide Web Conference (WWW\u20192002). Citeseer."},{"key":"7243_CR9","doi-asserted-by":"crossref","unstructured":"Bertino, E., Kamra, A., & Early, J. (2007). Profiling database application to detect SQL injection attacks. In IEEE International Performance, Computing, & Communications Conference, 2007. IPCCC 2007 (pp. 449\u2013548). IEEE.","DOI":"10.1109\/PCCC.2007.358926"},{"key":"7243_CR10","doi-asserted-by":"crossref","unstructured":"Buehrer, G., Weide, B. W., & Sivilotti, P. A. G. (2005). Using parse tree validation to prevent SQL injection attacks. In Proceedings of the 5th international workshop on Software engineering & middleware. ACM.","DOI":"10.1145\/1108473.1108496"},{"key":"7243_CR11","unstructured":"Anley, C. (2002). Advanced SQL injection in SQL server applications. White Paper Next Generation Security Software Ltd. 2002, 9. Oracle SQL injection in web applications. Red-Database-Security GmbH Company, Germany, 2009. https:\/\/www.red-database-security.com\/whitepaper\/oracle_sql_injection_web.html. Accessed 16 March 2010."},{"key":"7243_CR12","doi-asserted-by":"crossref","unstructured":"Gould, C., Su, Z., & Devanbu, P. (2004). JDBC checker: A static analysis tool for SQL\/JDBC applications. In Proceedings of the 26th International Conference on Software Engineering (ICSE 2004) Formal Demos, pp. 697\u2013698.","DOI":"10.1109\/ICSE.2004.1317494"},{"issue":"67","key":"7243_CR13","doi-asserted-by":"publisher","first-page":"372","DOI":"10.1016\/j.csi.2010.12.002","volume":"33","author":"C Blanco","year":"2011","unstructured":"Blanco, C., Sheras, J., Fern\u00e1ndez-Medina, E., Valencia-Garc\u00eda, R., & Toval, A. (2011). Basis for an integrated security ontology according to a systematic review of existing proposals. Computer Standards & Interfaces, 33(67), 372\u2013388.","journal-title":"Computer Standards & Interfaces"},{"issue":"10","key":"7243_CR14","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1016\/j.ins.2011.06.020","volume":"231","author":"CI Pinz\u00f3n","year":"2013","unstructured":"Pinz\u00f3n, C. I., De Paz, J. F., Herrero, \u00c1., Corchado, E., Bajo, J., & Corchado, J. M. (2013). idMAS-SQL: Intrusion detection based on MAS to detect & block SQL injection through data mining. Information Sciences, 231(10), 15\u201331.","journal-title":"Information Sciences"},{"key":"7243_CR15","doi-asserted-by":"crossref","unstructured":"Ezumalai, R., & G. Aghila. (2009). Combinatorial approach for preventing SQL injection attacks. In IEEE International Advance Computing Conference. IACC 2009. IEEE.","DOI":"10.1109\/IADCC.2009.4809188"},{"key":"7243_CR16","doi-asserted-by":"crossref","unstructured":"Abdoli, F. & Kahani, M. (2009). Ontology-based distributed intrusion detection system. In Proceedings of the 14th International CSI Computer Conference.","DOI":"10.1109\/CSICC.2009.5349372"},{"key":"7243_CR17","doi-asserted-by":"crossref","unstructured":"Valeur, F., Mutz, D., & Vigna, G. (2005). A learning-based approach to the detection of SQL attacks. In Detection of intrusions and malware, and vulnerability assessment, Proceedings, Vol. 3548, pp. 123\u2013140.","DOI":"10.1007\/11506881_8"},{"key":"7243_CR18","unstructured":"Valeur, F., Mutz, D., Vigna, G. (2013). A learning-based approach to the detection of SQL Attacks. In Conference on detection of intrusions & malware and vulnerability ass (Vol. 55, No. 10, , pp. 1767\u20131780). Elsevier."},{"issue":"10","key":"7243_CR19","doi-asserted-by":"publisher","first-page":"1767","DOI":"10.1016\/j.infsof.2013.04.002","volume":"55","author":"LK Shar","year":"2013","unstructured":"Shar, L. K., & Tan, H. B. K. (2013). Predicting SQL injection & cross site scripting vulnerabilities through mining input sanitization patterns. Information & Software Technology, 55(10), 1767\u20131780.","journal-title":"Information & Software Technology"},{"key":"7243_CR20","volume-title":"Testing & analysis of web services","author":"M Cova","year":"2007","unstructured":"Cova, M., Felmetsger, V., & Vigna, G. (2007). Vulnerability analysis of web applications. In L. Baresi & E. Dinitto (Eds.), Testing & analysis of web services. Berlin: Springer."},{"issue":"12","key":"7243_CR21","doi-asserted-by":"publisher","first-page":"1","DOI":"10.5120\/18123-9085","volume":"103","author":"NEB El-Moussaid","year":"2014","unstructured":"El-Moussaid, N. E. B., & Toumanari, A. (2014). Web application attacks detection: A survey & classification. International Journal of Computer Applications, 103(12), 1\u20136.","journal-title":"International Journal of Computer Applications"},{"key":"7243_CR22","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1145\/1698750.1698754","volume":"13","author":"P Bisht","year":"2010","unstructured":"Bisht, P., Madhusudan, P., & Venkatakrishnan, V. N. (2010). CANDID: Dynamic candidate evaluations for automatic prevention of SQL injection attacks. ACM Transaction on Information System Security, 13, 14.","journal-title":"ACM Transaction on Information System Security"},{"key":"7243_CR23","doi-asserted-by":"publisher","first-page":"124","DOI":"10.1007\/11663812_7","volume":"3858","author":"T Pietraszek","year":"2006","unstructured":"Pietraszek, T., & Berghe, C. V. (2006). Defending against injection attacks through context-sensitive string evaluation. Recent Advances in Intrusion Detection, 3858, 124\u2013145.","journal-title":"Recent Advances in Intrusion Detection"},{"key":"7243_CR24","doi-asserted-by":"crossref","unstructured":"Haldar, V., Chandra, D., & Franz, M. (2005). Dynamic taint propagation for Java. In Proceedings 21st Annual Computer Security Applications Conference.","DOI":"10.1109\/CSAC.2005.21"},{"key":"7243_CR25","doi-asserted-by":"crossref","unstructured":"Garc\u00eda, V. H., Monroy, R., Quintana, M. (2006). Web attack detection using ID3. In workshop International Federation for Information Processing Santiago, Chile, pp. 323\u2013332.","DOI":"10.1007\/978-0-387-34749-3_34"},{"issue":"2","key":"7243_CR26","doi-asserted-by":"publisher","first-page":"233","DOI":"10.1016\/j.cose.2011.11.007","volume":"31","author":"Y-C Chung","year":"2012","unstructured":"Chung, Y.-C., Ming-Chuan, Wu, Chen, Y.-C., & Chang, W.-K. (2012). A Hot Query Bank approach to improve detection performance against SQL injection attacks. Computers & Security, 31(2), 233\u2013248.","journal-title":"Computers & Security"},{"key":"7243_CR27","doi-asserted-by":"publisher","first-page":"372","DOI":"10.1145\/1111320.1111070","volume":"41","author":"Z Su","year":"2006","unstructured":"Su, Z., & Wassermann, G. (2006). The essence of command injection attacks in web applications. ACM SIGPLAN Notices., 41, 372\u2013382.","journal-title":"ACM SIGPLAN Notices."}],"container-title":["Wireless Personal Communications"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11277-020-07243-z.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11277-020-07243-z\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11277-020-07243-z.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,3,28]],"date-time":"2021-03-28T00:10:56Z","timestamp":1616890256000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11277-020-07243-z"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,3,28]]},"references-count":27,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2021,4]]}},"alternative-id":["7243"],"URL":"https:\/\/doi.org\/10.1007\/s11277-020-07243-z","relation":{},"ISSN":["0929-6212","1572-834X"],"issn-type":[{"value":"0929-6212","type":"print"},{"value":"1572-834X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,3,28]]},"assertion":[{"value":"28 March 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Compliance with Ethical Standards"}},{"value":"The authors have declared to have no confliect of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"This research includes no studies involving animals or humans controlled by the authors.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Human and Animal Rights"}}]}}