| Abstract | 第1-7页 |
| 摘要 | 第7-11页 |
| Table of Content | 第11-13页 |
| List of Abbreviation | 第13-14页 |
| List of tables | 第14-15页 |
| List of Figures | 第15-16页 |
| Chapter 1 INTRODUCTION | 第16-30页 |
| ·Importance of the problem | 第16-17页 |
| ·Research Objective | 第17-18页 |
| ·Problem Description | 第17页 |
| ·Research purpose | 第17-18页 |
| ·Introduction to SQL Injection Attacks | 第18-28页 |
| ·SQL Injection Overview | 第18页 |
| ·Definition | 第18-19页 |
| ·Classification of SQLIAs Techniques | 第19-25页 |
| ·SQL Injection Mechanisms | 第25-27页 |
| ·Consequences of SQLIAS | 第27-28页 |
| ·Contribution of this Thesis | 第28-29页 |
| ·Structure of the Work | 第29-30页 |
| Chapter 2 Theory basis and contribution of previous researches to our research | 第30-41页 |
| ·Introduction | 第30页 |
| ·SQL Injection Attacks Detection and Prevention Overview | 第30-31页 |
| ·Previous researches contribution to the detection and prevention of SQL Injection Attacks | 第31-40页 |
| ·Solutions based on best practice coding | 第32-37页 |
| ·Solutions based on learning from the first query executed | 第37页 |
| ·Partial solutions | 第37-40页 |
| ·Previous researches assistance to my research | 第40页 |
| ·Summary | 第40-41页 |
| Chapter 3 Selection condition tree approach to the detection and prevention of SQL InjectionAttacks | 第41-54页 |
| ·Introduction | 第41页 |
| ·SQL Query overview | 第41-46页 |
| ·How SQL Injection Attacks works | 第43-46页 |
| ·What Makes Attacks Achievable? | 第46页 |
| ·Selection | 第46-49页 |
| ·Capabilities of the select statement | 第46-48页 |
| ·The Selection as the main root | 第48-49页 |
| ·A focus between our approach and existing similar approach | 第49-50页 |
| ·Select condition tree | 第50-52页 |
| ·Injection detection process | 第52-53页 |
| ·Summary | 第53-54页 |
| Chapter 4 Implementation of selection condition tree to detect and prevent SQL InjectionAttacks | 第54-65页 |
| ·Introduction | 第54页 |
| ·How a web application works? | 第54-56页 |
| ·J2EE Application model | 第56-59页 |
| ·Model-View-Controller pattern | 第57-58页 |
| ·How do MVC components fit together? | 第58-59页 |
| ·Implementation using JAVA | 第59-65页 |
| ·InjectionGuardFilter class | 第59-61页 |
| ·Sequence diagram showing how injection is detected by using IGF | 第61-62页 |
| ·Test and Result Interpretation | 第62-65页 |
| Chapter 5 Conclusion and Future Work | 第65-67页 |
| REFERENCES | 第67-72页 |
| Publications | 第72-73页 |
| Acknowledgements | 第73页 |
