Using parse tree validation to prevent SQL injection attacks

  title={Using parse tree validation to prevent SQL injection attacks},
  author={Gregory Buehrer and Bruce W. Weide and Paolo A. G. Sivilotti},
An SQL injection attack targets interactive web applications that employ database services. Such applications accept user input, such as form fields, and then include this input in database requests, typically SQL statements. In SQL injection, the attacker provides user input that results in a different database request than was intended by the application programmer. That is, the interpretation of the user input as part of a larger SQL statement, results in an SQL statement of a different form… CONTINUE READING
Highly Influential
This paper has highly influenced a number of papers. REVIEW HIGHLY INFLUENTIAL CITATIONS
Highly Cited
This paper has 305 citations. REVIEW CITATIONS

10 Figures & Tables



Citations per Year

306 Citations

Semantic Scholar estimates that this publication has 306 citations based on the available data.

See our FAQ for additional information.