http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
NoSQL Injection : Data Security on Web Vulnerability
Hemn B. Abdalla,Guoquang Li,Jinzhao Lin,Mustafa A. Alazeez 보안공학연구지원센터 2016 International Journal of Security and Its Applicat Vol.10 No.9
Web sites can be dynamic and static sometimes a combination of both. To assure security all the websites need protections to their database. This paper proposes a static analysis of various technique of detecting recently discovered web-based vulnerabilities such as cross-site scripting and HTTP splitting attacks with NoSQL injection. Today, the situation is¬ better, and traditional databases have introduced built-in protection mechanisms. But does this mean that NoSQL systems are immune to injections? Our study shows that although the security of the query language has largely improved; there are still techniques for injecting malicious queries. Some works already provide reports of NoSQL injection techniques. We also show the methods of accessing the dark web. We use TOR browser for the explanation of accessing dark web. The user entering into the website with different format rather than the original will be noticed, and they are not allowed to access our website. Instead of passing SQL queries into the input fields the user can also directly pass the objects inside it. Once the user enters in, with the actual format and attempts to upload .exe file the website tends to block that user's account.