Study of Methods of SQL Injection Defence

Maleki Ali (a), Farahani Farhad Momeni (b), Maleki Reza (c)

(a) Department of Management, College of Management, Isfahan Science and Research Branch, Islamic Azad University, Isfahan, Iran
(b) Department of Management, College of Management, Arak Branch, Islamic Azad University, Arak, Iran
(c) Department of Computer Science and Information Technology, Institute for Advanced Studies in Basic Sciences (IASBS), Zanjan, Iran

Online published on 6 August, 2014.

Abstract

Due to the development of “Web” technology and the expansion of web-based programs, the subject of “database security” has taken on a new dimension. Since the advent of databases, security and its provision have been important concerns, and its appropriate application and efficacy have been fundamental features of the database; however, the concept of security was overshadowed by such subjects as appropriate function, effectiveness, and reliability. Security problems of computer systems can be analyzed from two viewpoints: the lack of appropriate security mechanisms, and the lack of suitable application of such mechanisms where they exist, or the lack of acceptable security policies. One of the most important security problems of “SQL-based” systems is the “SQL Injection attack”. Methods of such attacks and ways of obstructing them will be discussed in this project.

Keywords

SQL, SQL Injection Attacks, Code Level Defence, Platform Level Defence, Filter Bypassing.