{"id":"https://openalex.org/W1751283969","doi":"https://doi.org/10.1109/cts.2015.7210446","title":"Classification of Lightweight Directory Access Protocol query injection attacks and mitigation techniques","display_name":"Classification of Lightweight Directory Access Protocol query injection attacks and mitigation techniques","publication_year":2015,"publication_date":"2015-06-01","ids":{"openalex":"https://openalex.org/W1751283969","doi":"https://doi.org/10.1109/cts.2015.7210446","mag":"1751283969"},"language":"en","primary_location":{"id":"doi:10.1109/cts.2015.7210446","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cts.2015.7210446","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2015 International Conference on Collaboration Technologies and Systems (CTS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5055986564","display_name":"Pranahita Bulusu","orcid":null},"institutions":[{"id":"https://openalex.org/I172980758","display_name":"Kennesaw State University","ror":"https://ror.org/00jeqjx33","country_code":"US","type":"education","lineage":["https://openalex.org/I172980758"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Pranahita Bulusu","raw_affiliation_strings":["Department of Computer Science, Kennesaw State University, Kennesaw, GA, USA","Dept. of Comput. Sci., Kennesaw State Univ., Kennesaw, GA, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Kennesaw State University, Kennesaw, GA, USA","institution_ids":["https://openalex.org/I172980758"]},{"raw_affiliation_string":"Dept. of Comput. Sci., Kennesaw State Univ., Kennesaw, GA, USA","institution_ids":["https://openalex.org/I172980758"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052820694","display_name":"Hossain Shahriar","orcid":"https://orcid.org/0000-0003-1021-7986"},"institutions":[{"id":"https://openalex.org/I172980758","display_name":"Kennesaw State University","ror":"https://ror.org/00jeqjx33","country_code":"US","type":"education","lineage":["https://openalex.org/I172980758"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hossain Shahriar","raw_affiliation_strings":["Department of Computer Science, Kennesaw State University, Kennesaw, GA, USA","Dept. of Comput. Sci., Kennesaw State Univ., Kennesaw, GA, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Kennesaw State University, Kennesaw, GA, USA","institution_ids":["https://openalex.org/I172980758"]},{"raw_affiliation_string":"Dept. of Comput. Sci., Kennesaw State Univ., Kennesaw, GA, USA","institution_ids":["https://openalex.org/I172980758"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5033589500","display_name":"Hisham M. Haddad","orcid":null},"institutions":[{"id":"https://openalex.org/I172980758","display_name":"Kennesaw State University","ror":"https://ror.org/00jeqjx33","country_code":"US","type":"education","lineage":["https://openalex.org/I172980758"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hisham M. Haddad","raw_affiliation_strings":["Department of Computer Science, Kennesaw State University, Kennesaw, GA, USA","Dept. of Comput. Sci., Kennesaw State Univ., Kennesaw, GA, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Kennesaw State University, Kennesaw, GA, USA","institution_ids":["https://openalex.org/I172980758"]},{"raw_affiliation_string":"Dept. of Comput. Sci., Kennesaw State Univ., Kennesaw, GA, USA","institution_ids":["https://openalex.org/I172980758"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5055986564"],"corresponding_institution_ids":["https://openalex.org/I172980758"],"apc_list":null,"apc_paid":null,"fwci":3.1784,"has_fulltext":false,"cited_by_count":10,"citation_normalized_percentile":{"value":0.92472654,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"337","last_page":"344"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9883000254631042,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/lightweight-directory-access-protocol","display_name":"Lightweight Directory Access Protocol","score":0.9689631462097168},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8033528327941895},{"id":"https://openalex.org/keywords/directory-service","display_name":"Directory service","score":0.6690549254417419},{"id":"https://openalex.org/keywords/sql-injection","display_name":"SQL injection","score":0.6641268730163574},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5085371732711792},{"id":"https://openalex.org/keywords/login","display_name":"Login","score":0.5019443035125732},{"id":"https://openalex.org/keywords/directory","display_name":"Directory","score":0.4989659786224365},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.4415161609649658},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.4247784912586212},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.23733144998550415},{"id":"https://openalex.org/keywords/query-by-example","display_name":"Query by Example","score":0.20943304896354675},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.18228945136070251},{"id":"https://openalex.org/keywords/web-search-query","display_name":"Web search query","score":0.15036320686340332}],"concepts":[{"id":"https://openalex.org/C181177684","wikidata":"https://www.wikidata.org/wiki/Q188816","display_name":"Lightweight Directory Access Protocol","level":3,"score":0.9689631462097168},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8033528327941895},{"id":"https://openalex.org/C138338577","wikidata":"https://www.wikidata.org/wiki/Q756230","display_name":"Directory service","level":3,"score":0.6690549254417419},{"id":"https://openalex.org/C150451098","wikidata":"https://www.wikidata.org/wiki/Q506059","display_name":"SQL injection","level":5,"score":0.6641268730163574},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5085371732711792},{"id":"https://openalex.org/C113324615","wikidata":"https://www.wikidata.org/wiki/Q472302","display_name":"Login","level":2,"score":0.5019443035125732},{"id":"https://openalex.org/C2777683733","wikidata":"https://www.wikidata.org/wiki/Q201456","display_name":"Directory","level":2,"score":0.4989659786224365},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.4415161609649658},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.4247784912586212},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.23733144998550415},{"id":"https://openalex.org/C194222762","wikidata":"https://www.wikidata.org/wiki/Q114486","display_name":"Query by Example","level":4,"score":0.20943304896354675},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.18228945136070251},{"id":"https://openalex.org/C164120249","wikidata":"https://www.wikidata.org/wiki/Q995982","display_name":"Web search query","level":3,"score":0.15036320686340332},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0},{"id":"https://openalex.org/C97854310","wikidata":"https://www.wikidata.org/wiki/Q19541","display_name":"Search engine","level":2,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0},{"id":"https://openalex.org/C204787440","wikidata":"https://www.wikidata.org/wiki/Q188504","display_name":"Alternative medicine","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/cts.2015.7210446","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cts.2015.7210446","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2015 International Conference on Collaboration Technologies and Systems (CTS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6800000071525574,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":10,"referenced_works":["https://openalex.org/W1973601758","https://openalex.org/W1980261457","https://openalex.org/W2043914943","https://openalex.org/W2067726273","https://openalex.org/W2070791239","https://openalex.org/W2101417205","https://openalex.org/W2114926976","https://openalex.org/W2149232727","https://openalex.org/W2223370815","https://openalex.org/W4242704962"],"related_works":["https://openalex.org/W2077483905","https://openalex.org/W2374155379","https://openalex.org/W73423766","https://openalex.org/W2136877416","https://openalex.org/W4230960446","https://openalex.org/W2767128237","https://openalex.org/W181118223","https://openalex.org/W2143307242","https://openalex.org/W2005960013","https://openalex.org/W2143295198"],"abstract_inverted_index":{"The":[0,61],"Lightweight":[1],"Directory":[2],"Access":[3],"Protocol":[4],"(LDAP)":[5],"is":[6],"used":[7,39,164],"in":[8,53,141],"a":[9],"large":[10],"number":[11],"of":[12,19,31,42,56,68,154,157],"web":[13,91,111],"applications,":[14],"and":[15,78,108,152,161,168,175],"therefore,":[16],"different":[17],"types":[18,67,156],"LDAP":[20,43,58,87,116,145,158,176],"injection":[21,27,88,118,131,146,159,177],"attacks":[22,28,62,132,160],"are":[23],"becoming":[24],"common.":[25],"These":[26],"take":[29],"advantage":[30],"an":[32],"application":[33],"not":[34],"validating":[35],"inputs":[36,49],"before":[37],"being":[38],"as":[40],"part":[41],"queries.":[44],"An":[45],"attacker":[46],"can":[47,63,114],"provide":[48],"that":[50,113],"may":[51],"result":[52],"the":[54,171],"alteration":[55],"intended":[57],"query":[59,117],"structure.":[60],"lead":[64],"to":[65,85,95,106,125,143,165],"various":[66,155],"security":[69],"breaches":[70],"including":[71],"Login":[72],"Bypassing,":[73],"Information":[74,79],"Disclosure,":[75],"Privilege":[76],"Escalation,":[77],"Alteration.":[80],"Despite":[81],"many":[82,90],"research":[83],"efforts":[84],"prevent":[86,126,144,166],"attacks,":[89],"applications":[92,112],"remain":[93],"vulnerable":[94],"such":[96],"attacks.":[97,119,147,178],"In":[98],"particular,":[99],"there":[100],"has":[101,122],"been":[102,123],"little":[103],"attention":[104,121],"given":[105,124],"implement":[107],"test":[109],"secure":[110],"mitigate":[115],"More":[120],"Structured":[127],"Query":[128],"Language":[129],"(SQL)":[130],"but":[133],"these":[134],"mitigation":[135,162],"techniques":[136,163],"cannot":[137],"be":[138],"directly":[139],"applied":[140],"order":[142],"This":[148],"work":[149],"provides":[150],"analysis":[151],"classification":[153],"them,":[167],"it":[169],"highlights":[170],"differences":[172],"between":[173],"SQL":[174]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}