Search for: keyword-based
Article Information Systems ; Volume 56 , 2016 , Pages 135-156 ; 03064379 (ISSN) ; Amini, M ; Sharif University of Technology
Nowadays, a large volume of an organization's sensitive data is stored in databases making them attractive to attackers. The useful information attackers try to obtain in the preliminary steps, is the database structure or schema. One of the popular approaches to infer and extract the schema of a database is to analyze the returned error messages from its DBMS. In this paper, we propose a framework to handle and modify the error messages automatically in order to prevent schema revealing. To this aim, after identifying and introducing an appropriate set of categories of error messages, each error message that is returned from a DBMS is placed in a proper category. According to the policy...