英语翻译A web application is application software which includes dynamic web pages such that end users can access the software through client modules that run in web browsers.The coding of client modules is in browser supported languages such as

英语翻译A web application is application software which includes dynamic web pages such that end users can access the software through client modules that run in web browsers.The coding of client modules is in browser supported languages such as
英语翻译
A web application is application software which includes dynamic web pages such that end users can access the software through client modules that run in web browsers.The coding of client modules is in browser supported languages such as HTML,Java,ASP,PHP etc.In three tire web applications,the user provides query specification as input in a pre defined format in the front tire.These inputs are used in constructing SQL queries by the application server in the middle tire.The back tire contains the database server.Web applications are popular due to the ubiquity of web browsers,and the convenience of using a web browser as a client,sometimes called as thin client.The ability to update and maintain web applications without distributing and installing software on potentially thousands of client computers is a key reason for their popularity.Common web applications include web mail,on line retail sales,on line auctions,on line banking,and many other functional applications.Mitres Vulnerability statistics reported in the year 2010 2011[2],points out 25 most common program errors or vulnerabilities causing most successful SQL injection attack along with other web application attacks.These vulnerabilities are dangerous because it gives chances * The department is funded by UGCs DRS I under the SAP to the attackers to steal data from the application database.It is claimed that the SQL Injection scored highest rank among the web application attacks.It is reported that SQL Injections are one of the most common and easiest techniques adopted by attackers to attack web servers,data servers and sometimes the network.This category of web attack is conducted for unauthorized access of web application,breaking the role based accessibility,and violating the integrity of the data storage.A significant rise in SQL injection attack is reported by CISCO[3] too.The Information Systems Audit Cell report[4] recommends review the application control in net banking applications by conducting penetration testing keeping in view of the prevailing guidelines by Reserve Bank of India,IT Act and other applicable regulations in India and asked to check the vulnerabilities in the applications like SQL injection,Cross site scripting etc.In this paper,in section 2,we report the background of SQL injection attack and its different classes.In this section we also present its existing practice of detection.We finally discuss in this section 2,the brief idea of the approach called DUD.In section 3,the propose detection approach RDUD is described.We report our problem formulation along with the detection algorithms in section 4.Experimental results and finally the concluding remarks are reported in section 5 and 6 respectively.

英语翻译A web application is application software which includes dynamic web pages such that end users can access the software through client modules that run in web browsers.The coding of client modules is in browser supported languages such as
Web应用是应用软件,包括动态Web页面,用户可以通过在浏览器上运行的客户端模块访问软件.客户端模块的编码是浏览器支持如HTML,Java,ASP语言,PHP等三轮胎的Web应用程序,用户提供查询规范作为一个预先定义的格式在前轮输入.这些投入使用的中间用轮胎中的应用服务器进行SQL查询.后轮胎包含数据库服务器.由于Web浏览器无处不在的Web应用程序是流行的,和使用Web浏览器作为客户端的方便,有时称为瘦客户端.的能力,更新和维护Web应用程序没有分发和安装软件的潜在的成千上万的客户端计算机是其受欢迎的主要原因.常见的Web应用程序包括电子邮件,在线零售销售,在线拍卖,网上银行,和许多其他功能的应用.高脆弱性的统计报告,在2010年度2011 [ 2 ],指出25种最常见的程序错误或漏洞造成最成功的SQL注入攻击以及其他Web应用攻击.这些漏洞是危险的因为它给机会*部资助的UGC DRS我SAP的攻击下,从应用程序数据库中窃取数据.据称,SQL注入攻击的Web应用程序中得分最高的排名中.据悉,SQL注入是一种通过攻击者攻击Web服务器最常见和最简单的技术,数据服务器和有时网络.这类网络攻击是Web应用程序的未经授权的访问进行了基础性的作用,断裂,和数据存储的完整性违规.在SQL注入攻击显著上升的报道由思科[ 3 ]太.信息系统审计细胞报告[ 4 ]推荐评审的应用控制网络银行应用程序进行渗透测试在保持现行的指引由印度储备银行的观点,它的行为和在印度的其他适用的法规和要求检查的应用如SQL注入漏洞,跨站脚本等.在本文中,在2节中,我们报告的SQL注入攻击及其不同类别的背景.在本节中我们还提出了其存在的实际检测.我们终于在本节讨论2,该方法的简单想法称为无用的.在3节中,提出了rdud检测方法.我们报告我们的问题在第4节中的检测算法.实验结果和最后的结束语是在第5和6分别报道.