SQL injections attack and session hijacking on e-learning systems
E-learning enables acquisition of knowledge and information through technologies such as computers, smartphones, tablets and wide area networks. The existence of e-learning does contribute in the field of education field such as in the university because its improve the education quality and distrib...
| Main Authors: | Chung, S.K., Yee, O.C., Singh, M.M., Hassan, R. |
|---|---|
| Format: | Conference or Workshop Item |
| Institution: | Universiti Teknologi Petronas |
| Record Id / ISBN-0: | utp-eprints.31130 / |
| Published: |
Institute of Electrical and Electronics Engineers Inc.
2014
|
| Online Access: |
https://www.scopus.com/inward/record.uri?eid=2-s2.0-84925945841&doi=10.1109%2fI4CT.2014.6914201&partnerID=40&md5=a9cea5ca381e6a655bd7a997f5b920a3 http://eprints.utp.edu.my/31130/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
utp-eprints.31130 |
|---|---|
| recordtype |
eprints |
| spelling |
utp-eprints.311302022-03-25T09:00:29Z SQL injections attack and session hijacking on e-learning systems Chung, S.K. Yee, O.C. Singh, M.M. Hassan, R. E-learning enables acquisition of knowledge and information through technologies such as computers, smartphones, tablets and wide area networks. The existence of e-learning does contribute in the field of education field such as in the university because its improve the education quality and distributing and sharing of teaching material efficiently. However, due to the open-network in which e-learning tools resides, it is prone to various security attacks. In this paper, we will classify e-learning technology security based attacks into classification via active and passive attacks. Next, two major attacks which is the SQL injection attack and session hijacking is explored in-depth. Case study for each attack to investigate the vulnerabilities in e-learning system and mechanism of solutions to tackle this attack is also presented. An evaluation of the proposed solutions against the X.800 security architecture is done at the end of the study. © 2014 IEEE. Institute of Electrical and Electronics Engineers Inc. 2014 Conference or Workshop Item NonPeerReviewed https://www.scopus.com/inward/record.uri?eid=2-s2.0-84925945841&doi=10.1109%2fI4CT.2014.6914201&partnerID=40&md5=a9cea5ca381e6a655bd7a997f5b920a3 Chung, S.K. and Yee, O.C. and Singh, M.M. and Hassan, R. (2014) SQL injections attack and session hijacking on e-learning systems. In: UNSPECIFIED. http://eprints.utp.edu.my/31130/ |
| institution |
Universiti Teknologi Petronas |
| collection |
UTP Institutional Repository |
| description |
E-learning enables acquisition of knowledge and information through technologies such as computers, smartphones, tablets and wide area networks. The existence of e-learning does contribute in the field of education field such as in the university because its improve the education quality and distributing and sharing of teaching material efficiently. However, due to the open-network in which e-learning tools resides, it is prone to various security attacks. In this paper, we will classify e-learning technology security based attacks into classification via active and passive attacks. Next, two major attacks which is the SQL injection attack and session hijacking is explored in-depth. Case study for each attack to investigate the vulnerabilities in e-learning system and mechanism of solutions to tackle this attack is also presented. An evaluation of the proposed solutions against the X.800 security architecture is done at the end of the study. © 2014 IEEE. |
| format |
Conference or Workshop Item |
| author |
Chung, S.K. Yee, O.C. Singh, M.M. Hassan, R. |
| spellingShingle |
Chung, S.K. Yee, O.C. Singh, M.M. Hassan, R. SQL injections attack and session hijacking on e-learning systems |
| author_sort |
Chung, S.K. |
| title |
SQL injections attack and session hijacking on e-learning systems |
| title_short |
SQL injections attack and session hijacking on e-learning systems |
| title_full |
SQL injections attack and session hijacking on e-learning systems |
| title_fullStr |
SQL injections attack and session hijacking on e-learning systems |
| title_full_unstemmed |
SQL injections attack and session hijacking on e-learning systems |
| title_sort |
sql injections attack and session hijacking on e-learning systems |
| publisher |
Institute of Electrical and Electronics Engineers Inc. |
| publishDate |
2014 |
| url |
https://www.scopus.com/inward/record.uri?eid=2-s2.0-84925945841&doi=10.1109%2fI4CT.2014.6914201&partnerID=40&md5=a9cea5ca381e6a655bd7a997f5b920a3 http://eprints.utp.edu.my/31130/ |
| _version_ |
1741197523713785856 |
| score |
11.62408 |