Please use this identifier to cite or link to this item: https://rda.sliit.lk/handle/123456789/2304
Title: Policy-based SQLIA detection and prevention approach for RFID systems
Authors: Abawajy, J
Fernando, H. S
Keywords: RFID
SQLIA
Data validation
Data sanitization
Policy
Issue Date: 1-Feb-2015
Publisher: North-Holland
Series/Report no.: Computer Standards & Interfaces;Vol 38 Pages 64-71
Abstract: While SQL injection attacks have been plaguing web application systems for years, the possibility of them affecting RFID systems was only identified very recently. However, very little work exists to mitigate this serious security threat to RFID-enabled enterprise systems. In this paper, we propose a policy-based SQLIA detection and prevention method for RFID systems. The proposed technique creates data validation and sanitization policies during content analysis and enforces those policies during runtime monitoring. We tested all possible types of dynamic queries that may be generated in RFID systems with all possible types of attacks that can be mounted on those systems. We present an analysis and evaluation of the proposed approach to demonstrate the effectiveness of the proposed approach in mitigating SQLIA.
URI: http://rda.sliit.lk/handle/123456789/2304
Appears in Collections:Research Papers - Dept of Computer Systems Engineering
Research Papers - SLIIT Staff Publications

Files in This Item:
File Description SizeFormat 
1-s2.0-S092054891400083X-main.pdf
  Until 2050-12-31
1.26 MBAdobe PDFView/Open Request a copy


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.