26 Hits in 6.7 sec


Sooel Son, Kathryn S. McKinley, Vitaly Shmatikov
2013 Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security - CCS '13  
This paper describes the design and implementation of DIGLOS-SIA, a new tool that precisely and efficiently detects code injection attacks on server-side Web applications generating SQL and NoSQL queries  ...  To detect injected code in a generated query, DIGLOSSIA parses the query in tandem with its shadow and checks that (1) the two parse trees are syntactically isomorphic, and (2) all code in the shadow query  ...  This work was partially supported by the NSF grants CNS-0746888, CNS-0905602, SHF-0910818, CCF-1018271, and CNS-1223396.  ... 
doi:10.1145/2508859.2516696 dblp:conf/ccs/SonMS13 fatcat:zqtrbdccw5bs5kwmqzq3n7gsty


Muhammad Saidu Aliero, Imran Ghani, Syeed Zainudden, Muhammad Murad Khan, Munir Bello
2015 Jurnal Teknologi  
In this paper we provide a detailed background of SQLIA together with vulnerable PHP code to demonstrate how attacks are being carried out, and discuss most commonly used method by programmers to defend  ...  Successful SQL Injection Attacks (SQLIA) result in unauthorized access and unauthorized data modification.  ...  The tool uses static analysis to detect and prevent SQL injection attack.  ... 
doi:10.11113/jt.v77.6359 fatcat:j7kyxbcugbeibb4pr3pn5gikxm

Security Testing Tool for NoSQL Systems

Muhammad A. Lawal and Mostaf A. Saleh Muhammad A. Lawal and Mostaf A. Saleh
2019 journal of king abdulaziz university computing and information technology sciences  
detect and prevent attacks on NoSQL systems.  ...  In this paper, an input validation mechanism architecture is proposed for Mongo DB to detect and prevent NoSQL injection attacks, the mechanism employs a Deterministic Finite Automaton (DFA) approach to  ...  Acknowledgment The authors will like to thank the faculty of computing and information technology (FCIT), King Abdulaziz University Jeddah, KSA for its continuous support.  ... 
doi:10.4197/comp.8-1.8 fatcat:qkvsm3zjy5f3jhfuqcyomodl4q

Comprehensive Java Metadata Tracking for Attack Detection and Repair

Jeff Perkins, Jordan Eikenberry, Allessandro Coglio, Martin Rinard
2020 2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)  
Contributions include new techniques for eliminating false positives associated with benign integer overflows and underflows, new metadataaware techniques for detecting and nullifying SQL and command injection  ...  and underflows, and 3) ClearTrack successfully detects and nullifies all tested integer overflow and underflow, SQL injection, and command injection vulnerabilities in the benchmark applications.  ...  Results from an evaluation performed by an independent test and evaluation team hired by the United States government demonstrate ClearTrack's effectiveness in leveraging the tracked metadata to detect  ... 
doi:10.1109/dsn48063.2020.00024 dblp:conf/dsn/PerkinsECR20 fatcat:kk6e6hfdnjdydgsru7bqzxn32m

On Preventing SQL Injection Attacks [chapter]

Bharat Kumar Ahuja, Angshuman Jana, Ankit Swarnkar, Raju Halder
2015 Advances in Intelligent Systems and Computing  
In this paper, we propose three new approaches to detect and prevent SQL Injection Attacks (SQLIA), as an alternative to the existing solutions.  ...  We discus in details the benefits and shortcomings of the proposals w.r.t the literature.  ...  In [18] , authors proposed an idea to identify various types of SQLIA and to mitigate such attacks by redefining code-injection attacks on outputs (CIAOs).  ... 
doi:10.1007/978-81-322-2650-5_4 fatcat:fxve6ouxh5cmzdp4px5g2kknaq

Web Uygulama Güvenliği Açıklıkları Ve Güvenlik Çözümleri Üzerine Bir Araştırma

Security solutions used in preventing possible attacks caused by these vulnerabilities have been also compared with usage fields, intrusion detection mechanisms, performances and platform-independencies  ...  for web-based attacks.  ...  Diglossia: detecting code injection attacks with precision and efficiency. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security (1181-1192).  ... 
doi:10.18640/ubgmd.56836 fatcat:br24dg67fzanpjgfsiie2uvrky

Privacy-Breaching Patterns in NoSQL Databases

Kanika Goel, Arthur Hm Ter Hofstede
2021 IEEE Access  
Unfortunately, to achieve these features, compromises have been made with respect to security and privacy.  ...  Growing community awareness and unease combined with increased legislative requirements around data privacy have made such compromises less palatable, risky, or downright unacceptable.  ...  NoSQL injection attacks involve injecting malicious code in the executable code allowing the attacker to gain authority and hence access to the information in the database.  ... 
doi:10.1109/access.2021.3062034 fatcat:hransnnpsbcere3wcz4l2d7jhe

Addressing Security and Privacy Challenges in Internet of Things [article]

Arsalan Mosenia
2018 arXiv   pre-print
The rapid development of various communication protocols and miniaturization of transceivers along with recent advances in sensing technologies offer the opportunity to transform isolated devices into  ...  In this thesis, we tackle several domain-specific security/privacy challenges associated with IoT-enabled systems.  ...  For example, Son et al. describe the design and implementation of DIGLOSSIA [235], a new tool that precisely and efficiently detects code injection attacks on servers.  ... 
arXiv:1807.06724v1 fatcat:f45cytbjkjgyjiytvr2ygdcsze

a-k (complete) Living 2016: Cultural Codes and Arrays in Arab Everyday Worlds Five Years After the "Arab Spring"

Stephan Guth (ed.), Elena Chiti (ed.)
2017 Journal of Arabic and Islamic studies  
The case of satiric literature (adab sākhir) Satire has a deep tradition in Egyptian culture that goes back to ancient times, and its prevalence throughout history has certainly to do with the national  ...  political culture, with its characteristic mix of deference and derision towards patriarchal authoritarianism, a mix that seems to have permeated for centuries the social fabric, from the nuclear family  ...  for Gumbrecht'ian arrays, codes, and codes collapsed (cf.  ... 
doi:10.5617/jais.4761 fatcat:i7lturfgofdenhww7hvmkyyiiq

Editorial Associate: Position Papers of the 2017 Federated Conference on Computer Science and Information Systems and Information Systems Cover photo

Maria Ganzha, Leszek Maciaszek, Marcin Paprzycki, Maria Ganzha, Leszek Maciaszek, Marcin Paprzycki, Wil Van Der Aalst, Frederik Ahlemann, Marco Aiello, Mohammed Atiquzzaman, Barrett Bryant, Ana Fred (+17 others)
Polskie Towarzystwo Informatyczne Annals of Computer Science and Information Systems   unpublished
ACKNOWLEDGMENT This work was supported by the Business Informatics Group at Dublin City University and in part, by Science Foundation Ireland grant 13/RC/2094 and co-funded under the European Regional  ...  ACKNOWLEDGMENT The paper was supported by the grant provided by Ministry of Education, Youth and Sport Czech Republic, reference no. SGS15/PRF/2017.  ...  Attackers use evasion techniques to hide malicious code, which is polymorphic and customised to a given target, or dynamically modified during the attack.  ... 

OASIcs, Volume 83, SLATE 2020, Complete Volume [article]

Alberto Simões, Pedro Rangel Henriques, Ricardo Queirós
Acknowledgements We want to thank the researchers and investigators at M-BW and José Paiva for the input and assistance on the project.  ...  Acknowledgements The authors would like to thank Sónia Reis (U.Algarve and INESC-ID Lisboa for her help in the linguistic data compilation and revision, as well as her attentive reading of initial versions  ...  Afterward, we inject this inferred triples in the ontology with an Insert query.  ... 
doi:10.4230/oasics.slate.2020 fatcat:acit4ooulranrngpylg4nfbume


Lydmila Nazarenko, Nikolaev Regional Institute of Postgraduate Education, Svitlana Palamar, Boris Grinchenko University of Kyiv
2019 New stages of development of modern science in Ukraine and EU countries  
There are distinguished the general issues on the history of pedagogy, teaching theories and methods, special pedagogy, theories and methods of vocational education and education management, information  ...  The monograph describes the theoretical and practical aspects of the development of pedagogical science in Ukraine and the EU countries.  ...  Research assistants contacted all the 6 teachers responsible for the discipline and four of them wanted to participate.  ... 
doi:10.30525/978-9934-588-15-0-15 fatcat:gka7kn46zbeclmemrdipkvx6ne

Journal of Arabic and Islamic Studies JOURNAL OF ARABIC AND ISLAMIC STUDIES edited by

Alex Metcalfe
2010 unpublished
A broader view of code choice in dialogues: implications for further research Using the diglossic situation as a linguistic tool to construct the identity of protagonists is a phenomenon worth investigation  ...  and attack the lance has to be straight and sturdy.  ...  This is the case with most writers, as we have seen. And yet, the choice of code clearly serves a purpose, as this study will show. Diglossia in literature has been examined by a number of linguists.  ... 

LANGUAGE IN INDIA Strength for Today and Bright Hope for Tomorrow

M Thirumalai, B Mallikarjun, Sam, B A Sharada, A R Fatihi, Lakhan, Marie Jennifer, S M Bayer, G Ravichandran, L Baskaran, Ramamoorthy
Like race, it is determined by birth and does not end with death but passes from generation to generation.  ...  At first sight, Balbir Madhopuri's Changiya Rukh is a Dalit autobiography like many others with all the ingredients that shock and shame non-Dalit Indians, or ought to.  ...  Same is the case with code switching. Some communities show more tendencies towards code switching while some do not.  ... 


T.A. Gridina, T.V. Ustinova
2016 Russian Linguistic Bulletin  
Transformations of the word's associative potential as the prime mover of verbal routine transfigurations are analyzed with regard to the semantic contribution of coresense and consense properties of linguistic  ...  The poet's lingua-creative innovations and modifications are described in this paper as prompts for the reader's novel and unique conceptualization.  ...  Whether a woman can shape her eyebrows, whether one can be injected with the medicine containing spirit, etc.  ... 
doi:10.18454/rulb.6.27 fatcat:vqglnxeamraj3ikgayebvwcove
« Previous Showing results 1 — 15 out of 26 results