[1] |
OWASP 2013 top 10 risks[EB/OL]. , 2015-3-12.
|
[2] |
MCDONALD, S . SQL Injection: modes of attack, defense, and why it matters[EB/OL]. , 2015-3-11.
|
[3] |
ORSO A , HALFOND W G J , VIEGAS J . A classification of SQL injection attacks and countermeasures[C]// The International Symposium on Secure Software Engineering. c2006.
|
[4] |
APPELT D , NGUYEN D C , BRIAND L . Behind an application irewall, are we safe from SQL injection attacks[C]// IEEE International Conference on Software Testing, Verification and Validation (ICST). c2015: 1-10.
|
[5] |
马小婷, 胡国平, 李舟军 . SQL注入漏洞检测与防御技术研究[J]. 计算机安全, 2010(11): 18-24. MA X T , HU G P , LI Z J . Research on detection and prevention technologies for SQL injection vulnerability[J]. Computer Security, 2010(11): 18-24.
|
[6] |
HALFOND W G J , ORSO A . AMNESIA: analysis and monitorin for NEutralizing SQL-injection attacks[C]// 20th IEEE/ACM International Conference on Automated Software Engineering. ACM, c2005: 174-183.
|
[7] |
HALFOND W G J , ORSO A . Detection and prevention of SQL injection attacks[J]. Malware Detection, 2006, (27): 85-109.
|
[8] |
SHAR L K , TAN H B K , BRIAND L C . Mining SQL injection cross site scripting vulnerabilities using hybrid program analysis[C]// 2013 International Conference on Software Engineering. IEEE Press, c2013: 642-651.
|
[9] |
SHAHRIAR H , NORTH S , CHEN W C . Early detection of SQL injection attacks[J]. International Journal of Network Security & Its Applications, 2013, 5(4): 53-65.
|
[10] |
VALEUR F , MUTZ D , VIGNA G . A learning-based approach to the detection of SQL attacks[M]. Detection of Intrusions and Malware, and Vulnerability Assessment, Springer Berlin Heidelberg, 2005: 123-140.
|
[11] |
KEMALIS K , TZOURAMANIS T . SQL-IDS: a specification-based approach for SQL-injection detections[C]// 2008 ACM Symposium on Applied Computing. ACM, c2008: 2153-2158.
|
[12] |
陆开奎 . 基于动态污点分析的漏洞攻击检测技术研究与实现[D]. 成都: 电子科技大学, 2013. LU K K . The Research and realization of dynamic taint analysis based security attack detection technology[D]. Chengdu: University of Electronic Science and Technology of China, 2013.
|
[13] |
HUANG Y W , HUANG S K , TSAI C H . Web application security assessment by fault injection and behavior monitoring[C]// WWW’03 International Conference on World Wide Web. c2003: 148-159.
|
[14] |
KALS S , KIRDA E , KRUEGEL C , et al. SecuBat: a Web vulnerability scanner[C]// International Conference on World Wide Web. c2006: 247-256.
|
[15] |
APPELT D , NGUYEN C D , BRIAND L C , et al. Automated testing for SQL injection vulnerabilities: an input mutation approach[C]// In ternational Symposium on Software Testing & Analysis. c2014: 259-269.
|
[16] |
王苏南 . 高速复杂网络环境下异常流量检测技术研究[D]. 郑州:解放军信息工程大学, 2012. WANG S N . Research on anomaly detection technology in high-speed complex network environment[D]. Zhengzhou: PLA Information Engineering University, 2012.
|
[17] |
ZHANG J , XIANG Y , WANG Y , et al. Network traffic classification using correlation information[J]. IEEE Transactions on Parallel & Distributed Systems, 2013, 24(1): 104-117.
|
[18] |
周爱平, 程光, 郭晓军 . 高速网络流量测量方法[J]. 软件学报, 2014, 25(1): 135-153. ZHOU A P , CHENG G , GUO X J . High-speed network traffic measurement method[J]. Journal of Software, 2014, 25(1): 135-153.
|
[19] |
王鹏, 兰巨龙, 陈庶樵 . 粒度自适应的多径流量分割算法[J]. 通信学报, 2015, 36(1): 211-217. WANG P , LAN J L , CHEN S Q . Multipath traffic splitting algorithm based on adaptive granularity[J]. Journal on Communicatio, 2015, 36(1): 211-217.
|
[20] |
Pangolin-SQLinjection tools[EB/OL]. , 2014-12-22.
|
[21] |
Sqlmap-Automatic SQL injection and databasetakeover tool[EB/OL]. , 2015-3-5.
|