A novel technique to prevent SQL injection and cross-site scripting attacks using Knuth-Morris-Pratt string match algorithm
Structured Query Language (SQL) injection and cross-site scripting remain a major threat to data-driven web applications. Instances where hackers obtain unrestricted access to back-end database of web applications so as to steal, edit, and destroy confidential data are increasing. Therefore, measure...
Uloženo v:
| Vydáno v: | EURASIP Journal on Information Security Ročník 2020; číslo 1; s. 1 - 14 |
|---|---|
| Hlavní autoři: | , , , , |
| Médium: | Journal Article |
| Jazyk: | angličtina |
| Vydáno: |
Cham
Springer International Publishing
18.08.2020
Springer Nature B.V SpringerOpen |
| Témata: | |
| ISSN: | 2510-523X, 1687-4161, 2510-523X, 1687-417X |
| On-line přístup: | Získat plný text |
| Tagy: |
Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
|
| Abstract | Structured Query Language (SQL) injection and cross-site scripting remain a major threat to data-driven web applications. Instances where hackers obtain unrestricted access to back-end database of web applications so as to steal, edit, and destroy confidential data are increasing. Therefore, measures must be put in place to curtail the growing threats of SQL injection and XSS attacks. This study presents a technique for detecting and preventing these threats using Knuth-Morris-Pratt (KMP) string matching algorithm. The algorithm was used to match user’s input string with the stored pattern of the injection string in order to detect any malicious code. The implementation was carried out using PHP scripting language and Apache XAMPP Server. The security level of the technique was measured using different test cases of SQL injection, cross-site scripting (XSS), and encoded injection attacks. Results obtained revealed that the proposed technique was able to successfully detect and prevent the attacks, log the attack entry in the database, block the system using its mac address, and also generate a warning message. Therefore, the proposed technique proved to be more effective in detecting and preventing SQL injection and XSS attacks |
|---|---|
| AbstractList | Abstract Structured Query Language (SQL) injection and cross-site scripting remain a major threat to data-driven web applications. Instances where hackers obtain unrestricted access to back-end database of web applications so as to steal, edit, and destroy confidential data are increasing. Therefore, measures must be put in place to curtail the growing threats of SQL injection and XSS attacks. This study presents a technique for detecting and preventing these threats using Knuth-Morris-Pratt (KMP) string matching algorithm. The algorithm was used to match user’s input string with the stored pattern of the injection string in order to detect any malicious code. The implementation was carried out using PHP scripting language and Apache XAMPP Server. The security level of the technique was measured using different test cases of SQL injection, cross-site scripting (XSS), and encoded injection attacks. Results obtained revealed that the proposed technique was able to successfully detect and prevent the attacks, log the attack entry in the database, block the system using its mac address, and also generate a warning message. Therefore, the proposed technique proved to be more effective in detecting and preventing SQL injection and XSS attacks Structured Query Language (SQL) injection and cross-site scripting remain a major threat to data-driven web applications. Instances where hackers obtain unrestricted access to back-end database of web applications so as to steal, edit, and destroy confidential data are increasing. Therefore, measures must be put in place to curtail the growing threats of SQL injection and XSS attacks. This study presents a technique for detecting and preventing these threats using Knuth-Morris-Pratt (KMP) string matching algorithm. The algorithm was used to match user’s input string with the stored pattern of the injection string in order to detect any malicious code. The implementation was carried out using PHP scripting language and Apache XAMPP Server. The security level of the technique was measured using different test cases of SQL injection, cross-site scripting (XSS), and encoded injection attacks. Results obtained revealed that the proposed technique was able to successfully detect and prevent the attacks, log the attack entry in the database, block the system using its mac address, and also generate a warning message. Therefore, the proposed technique proved to be more effective in detecting and preventing SQL injection and XSS attacks |
| ArticleNumber | 14 |
| Author | Abikoye, Oluwakemi Christiana Kayode, Aderonke Anthonia Akande, Oluwatobi Noah Abubakar, Abdullahi Dokoro, Ahmed Haruna |
| Author_xml | – sequence: 1 givenname: Oluwakemi Christiana surname: Abikoye fullname: Abikoye, Oluwakemi Christiana organization: Department of Computer Science, University of Ilorin – sequence: 2 givenname: Abdullahi surname: Abubakar fullname: Abubakar, Abdullahi organization: Department of Computer Science, University of Ilorin – sequence: 3 givenname: Ahmed Haruna surname: Dokoro fullname: Dokoro, Ahmed Haruna organization: Computer Science Department, Gombe State Polytechnic – sequence: 4 givenname: Oluwatobi Noah orcidid: 0000-0002-4940-5709 surname: Akande fullname: Akande, Oluwatobi Noah email: akande.noah@lmu.edu.ng organization: Computer Science Department, Landmark University – sequence: 5 givenname: Aderonke Anthonia surname: Kayode fullname: Kayode, Aderonke Anthonia organization: Computer Science Department, Landmark University |
| BookMark | eNp9kUtv1DAUhS1UpJbSP9CVJdYGP2I7WVYV0IqpALVI7Kwbx5nxkLGD7ak04s-TTKhALLry497v6OicV-gkxOAQumT0LWO1epeZUEISyimhlDFBDi_QGZeMEsnF95N_7qfoIuctpZTXtG6oPEO_rnCIj27AxdlN8D_3DpeIx-QeXSj4_usK-7B1tvgYMIQO2xRzJtkXh7NNfiw-rDGUAvZHxvs8vz6FfdmQu5iSz-RLmoY4lzRPdlDsBsOwjsmXze41etnDkN3Fn_Mcffvw_uH6hqw-f7y9vloRW_GmEGiU6JXsoQNQla2YU41mTPaq7VsFtu2cgLZure60Ul1bKScU1VXdMU5bDeIc3S66XYStGZPfQTqYCN4cP2JaG0jF28EZroXmPWXQOlGBgwY63Uum-kaLRko1ab1ZtMYUp7ByMdu4T2Gyb3glJGV1xeppq162jnEl1xvrC8whlgR-MIyauTmzNGem5syxOXOYUP4f-mT4WUgsUB7noF366-oZ6jdRDrAu |
| CitedBy_id | crossref_primary_10_1109_ACCESS_2023_3266385 crossref_primary_10_1016_j_procs_2022_01_012 crossref_primary_10_1016_j_tcs_2025_115554 crossref_primary_10_1080_19393555_2021_1995537 crossref_primary_10_1186_s40537_022_00678_0 crossref_primary_10_1109_ACCESS_2023_3262989 crossref_primary_10_3390_app13116508 crossref_primary_10_3390_electronics14173420 crossref_primary_10_56294_dm2025190 crossref_primary_10_1109_TSC_2024_3453748 |
| Cites_doi | 10.1016/j.sysarc.2015.11.001 10.11648/j.ajnc.s.2015040301.13 10.1016/j.jisa.2018.04.001 10.1007/978-3-030-24308-1_14 10.1016/j.procs.2018.08.218 10.1109/ITACT.2015.7492650 10.1088/1742-6596/1299/1/012059 10.3390/sym11121484 10.1016/j.cose.2014.04.007 |
| ContentType | Journal Article |
| Copyright | The Author(s) 2020 The Author(s) 2020. This work is published under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. |
| Copyright_xml | – notice: The Author(s) 2020 – notice: The Author(s) 2020. This work is published under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. |
| DBID | C6C AAYXX CITATION 3V. 7SC 7XB 8AL 8FD 8FE 8FG 8FK ABUWG AFKRA ARAPS AZQEC BENPR BGLVJ CCPQU DWQXO GNUQQ HCIFZ JQ2 K7- L7M L~C L~D M0N P5Z P62 PHGZM PHGZT PKEHL PQEST PQGLB PQQKQ PQUKI PRINS Q9U DOA |
| DOI | 10.1186/s13635-020-00113-y |
| DatabaseName | Springer Nature OA Free Journals CrossRef ProQuest Central (Corporate) Computer and Information Systems Abstracts ProQuest Central (purchase pre-March 2016) Computing Database (Alumni Edition) Technology Research Database ProQuest SciTech Collection ProQuest Technology Collection ProQuest Central (Alumni) (purchase pre-March 2016) ProQuest Central (Alumni) ProQuest Central UK/Ireland Advanced Technologies & Computer Science Collection ProQuest Central Essentials ProQuest Central Technology collection ProQuest One Community College ProQuest Central Korea ProQuest Central Student SciTech Premium Collection ProQuest Computer Science Collection Computer Science Database Advanced Technologies Database with Aerospace Computer and Information Systems Abstracts Academic Computer and Information Systems Abstracts Professional Computing Database Advanced Technologies & Aerospace Database ProQuest Advanced Technologies & Aerospace Collection ProQuest Central Premium ProQuest One Academic (New) ProQuest One Academic Middle East (New) ProQuest One Academic Eastern Edition (DO NOT USE) ProQuest One Applied & Life Sciences ProQuest One Academic (retired) ProQuest One Academic UKI Edition ProQuest Central China ProQuest Central Basic DOAJ Directory of Open Access Journals |
| DatabaseTitle | CrossRef Computer Science Database ProQuest Central Student Technology Collection Technology Research Database Computer and Information Systems Abstracts – Academic ProQuest One Academic Middle East (New) ProQuest Advanced Technologies & Aerospace Collection ProQuest Central Essentials ProQuest Computer Science Collection Computer and Information Systems Abstracts ProQuest Central (Alumni Edition) SciTech Premium Collection ProQuest One Community College ProQuest Central China ProQuest Central ProQuest One Applied & Life Sciences ProQuest Central Korea ProQuest Central (New) Advanced Technologies Database with Aerospace Advanced Technologies & Aerospace Collection ProQuest Computing ProQuest Central Basic ProQuest Computing (Alumni Edition) ProQuest One Academic Eastern Edition ProQuest Technology Collection ProQuest SciTech Collection Computer and Information Systems Abstracts Professional Advanced Technologies & Aerospace Database ProQuest One Academic UKI Edition ProQuest One Academic ProQuest Central (Alumni) ProQuest One Academic (New) |
| DatabaseTitleList | Computer Science Database CrossRef |
| Database_xml | – sequence: 1 dbid: DOA name: Directory of Open Access Journals url: https://www.doaj.org/ sourceTypes: Open Website – sequence: 2 dbid: BENPR name: ProQuest Central url: https://www.proquest.com/central sourceTypes: Aggregation Database |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Engineering Computer Science |
| EISSN | 2510-523X 1687-417X |
| EndPage | 14 |
| ExternalDocumentID | oai_doaj_org_article_27372f01abe34aea9ad7f516f9739556 10_1186_s13635_020_00113_y |
| GroupedDBID | -A0 .4S .DC 2WC 3V. 4.4 40G 5VS 6KP 8FE 8FG 8R4 8R5 AAKPC ABUWG ACGFS ADBBV ADINQ ADMLS AFKRA AHBYD AHYZX ALMA_UNASSIGNED_HOLDINGS AMKLP ARAPS ARCSS AZQEC BCNDV BENPR BGLVJ BPHCQ C24 C6C CCPQU CS3 DWQXO EDO EIS GNUQQ GROUPED_DOAJ HCIFZ HZ~ K6V K7- KQ8 M0N M~E OK1 P62 PQQKQ PROAC Q2X RHU SEG TR2 TUS U2A AAYXX CITATION OVT 7SC 7XB 8AL 8FD 8FK JQ2 L7M L~C L~D PHGZM PHGZT PKEHL PQEST PQGLB PQUKI PRINS Q9U |
| ID | FETCH-LOGICAL-c429t-a963f65fadaa64c41e697115f6bfb6acbde3ab8bc7d766db46e360748d120b7a3 |
| IEDL.DBID | DOA |
| ISICitedReferencesCount | 20 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000562108700001&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| ISSN | 2510-523X 1687-4161 |
| IngestDate | Fri Oct 03 12:45:29 EDT 2025 Sat Oct 11 05:45:21 EDT 2025 Sat Nov 29 03:33:01 EST 2025 Tue Nov 18 21:59:44 EST 2025 Fri Feb 21 02:32:16 EST 2025 |
| IsDoiOpenAccess | true |
| IsOpenAccess | true |
| IsPeerReviewed | true |
| IsScholarly | true |
| Issue | 1 |
| Keywords | SQL injection Web application vulnerability Cross-site scripting Information security Knuth-Morris-Pratt (KMP) string matching algorithm |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-c429t-a963f65fadaa64c41e697115f6bfb6acbde3ab8bc7d766db46e360748d120b7a3 |
| Notes | ObjectType-Article-1 SourceType-Scholarly Journals-1 ObjectType-Feature-2 content type line 14 |
| ORCID | 0000-0002-4940-5709 |
| OpenAccessLink | https://doaj.org/article/27372f01abe34aea9ad7f516f9739556 |
| PQID | 2435018418 |
| PQPubID | 237294 |
| PageCount | 14 |
| ParticipantIDs | doaj_primary_oai_doaj_org_article_27372f01abe34aea9ad7f516f9739556 proquest_journals_2435018418 crossref_citationtrail_10_1186_s13635_020_00113_y crossref_primary_10_1186_s13635_020_00113_y springer_journals_10_1186_s13635_020_00113_y |
| PublicationCentury | 2000 |
| PublicationDate | 2020-08-18 |
| PublicationDateYYYYMMDD | 2020-08-18 |
| PublicationDate_xml | – month: 08 year: 2020 text: 2020-08-18 day: 18 |
| PublicationDecade | 2020 |
| PublicationPlace | Cham |
| PublicationPlace_xml | – name: Cham – name: New York |
| PublicationTitle | EURASIP Journal on Information Security |
| PublicationTitleAbbrev | EURASIP J. on Info. Security |
| PublicationYear | 2020 |
| Publisher | Springer International Publishing Springer Nature B.V SpringerOpen |
| Publisher_xml | – name: Springer International Publishing – name: Springer Nature B.V – name: SpringerOpen |
| References | SoewitoBGunawanFEPrevention structured query language injection using regular regular expression and escape stringProcedia Comput. Sci.201813567868710.1016/j.procs.2018.08.218https://doi.org/10.1016/j.procs.2018.08.218 PingCA second-order SQL injection detection method201717921796 AshwinRAnirbanBAnandVLAn authentication mechanism to prevent SQL injection by syntactic analysis2015BangaloreIEEE16 PrabakarAKarthiKeyanMMarimuthuKAn efficient technique for preventing SQL injection attack using pattern2013503506 Y. Jang, J. Choi, Detecting SQL injection attacks using query result size. Comput Security, 1–15 (2014) https://doi.org/10.1016/j.cose.2014.04.007 ChenPWangJPanLYuHResearch and implementation of SQL injection prevention method based on ISR2016ChengduIEEE11531156 SrivastavaMAlgorithm to Prevent Back End Database against SQL Injection Attacks International Comference on Computing for Sustainable Global Development (INDIACom)2014755757 JohnAAgarwalABhardwajMAn adaptive algorithm to prevent SQL injection. 420151215https://doi.org/10.11648/j.ajnc.s.2015040301.13 PiyushASMhetreANInternational Conference on Pervasive Computing (ICPC). A novel approach for detection of SQL injection and cross site scripting attacks201514 KarisDVanajakshiJManjunathKNSrikanthPAn effective method for preventing SQL injection attack and session hijacking2017697701 PingCJinshuangWLinPHanYResearch and implementation of SQL injection prevention method based on ISR201611531156 J. Ashish, A. Ajay, B. Manish, An adaptive algorithm to prevent SQL injection. Am. J. Networks Commun., 12–15 (2015) GhafarianAA hybrid method for detection and prevention of SQL injection attacks2017833838 AppiahBOpoku-mensahESQL injection attack detection using fingerprints and pattern matching technique2017583587 A.O. Christiana, A.N. Oluwatobi, G.A. Victory, O.R. Oluwaseun, A Secured One Time Password Authentication Technique using (3, 3) Visual Cryptography Scheme. IOP Conf. Series: Journal of Physics: Conf. Series 1299, 1–10 (2019 https://doi.org/10.1088/1742-6596/1299/1/012059) UpadhyayUGirishKSQL injection avoidance for protected database with ASCII using SNORT and honeypot2016596599 TemeizaQTemeizaMItmaziJA novel method for preventing SQL injection using SHA-1 algorithm and syntax-awarenessSudanese J. Comput. Geoinform.2017111626 PravallicaTBetamSAn application to prevent SQL injection attacks using randomized encription algorithm. International journal of computer trends and technology (IJCTT)201327822786 UtpalUGirishKSQL injection avoidance for protected database with ASCII using SNORT and honeypot. International conference on advanced communication control and Computing technologies (ICACCCT)2016RamanathapuramIEEE596599 O.C. Abikoye, A.D. Haruna, A. Abubakar, N.O. Akande, E.O. Asani, Modified advanced encryption standard algorithm for information security. Symmetry 11, 1–17 (2019) https://doi.org/10.3390/sym11121484 G. Ahmad, A hybrid method for detection and prevention of SQL injection attacks, Computing Conference (London, 2017), pp. 833–838 PramodAGhoshAMohanAShrivastavaMShettarRSQLI detection system for a safer web application2015237240 RameshAAn Authentication Mechanism to Prevent SQL Injection by Syntactic Analysis201510.1109/ITACT.2015.7492650 Acunetix_web_application_vulnerability_report_2019 AmithPAgneevGAmalMMohitSRajashreeSSQLI detection system for a safer web application2015BangloreIEEE237240 AhmedMAAliFMultiple-path testing for cross site scripting using genetic algorithmsJ. Syst. Archit.2015000113https://doi.org/10.1016/j.sysarc.2015.11.001 QaisTMohammadTJamilIA novel method for preventing SQL injection using SHA-1 algorithm and syntax-awareness2017KhartoumIEEE14 VoitovychOPYuvkovetskyiOSKupershteinLMSQL injection prevention system201625 AmuthaPKarthiKeyanMMarimuthuKAn efficient technique for preventing SQL injection attack using pattern matching algorithm2013503506 GeogianaBKamarularifinBAFakariahBHTehFADetection model for SQL injection attack: an approach for preventing a web application from the SQL injection attack2014PenangIEEE6064 BujaGAbdulTFKamarularifinBAJFakariahMAAbdul-RahmanTFDetection model for SQL injection attack : an approach for preventing a web application from the SQL injection attack20146064 McwhirterPRKifayatKShiQAskwithBSQL injection attack classification through the feature extraction of SQL query strings using a gap-weighted string subsequence kernelJ. Inform. Sec. Appl.201840199216https://doi.org/10.1016/j.jisa.2018.04.001 N.O. Akande, C.O. Abikoye, M.O. Adebiyi, A.A. Kayode, A.A. Adegun, R.O. Ogundokun, in International Conference on Computational Science and Its Applications. Electronic medical information encryption using modified blowfish algorithm (Springer, Cham, 2019), pp. 166–179 https://doi.org/10.1007/978-3-030-24308-1_14 A John (113_CR16) 2015 PR Mcwhirter (113_CR5) 2018; 40 Q Temeiza (113_CR9) 2017; 1 G Buja (113_CR10) 2014 T Qais (113_CR28) 2017 D Karis (113_CR18) 2017 P Chen (113_CR21) 2016 OP Voitovych (113_CR20) 2016 P Amith (113_CR23) 2015 113_CR4 113_CR6 MA Ahmed (113_CR3) 2015; 000 113_CR8 113_CR7 P Amutha (113_CR27) 2013 113_CR22 R Ashwin (113_CR24) 2015 A Prabakar (113_CR25) 2013 B Appiah (113_CR14) 2017 113_CR1 A Ramesh (113_CR17) 2015 U Utpal (113_CR29) 2016 AS Piyush (113_CR11) 2015 C Ping (113_CR12) 2016 B Geogiana (113_CR33) 2014 B Soewito (113_CR2) 2018; 135 M Srivastava (113_CR31) 2014 T Pravallica (113_CR32) 2013 C Ping (113_CR15) 2017 A Ghafarian (113_CR26) 2017 113_CR30 U Upadhyay (113_CR13) 2016 A Pramod (113_CR19) 2015 |
| References_xml | – reference: ChenPWangJPanLYuHResearch and implementation of SQL injection prevention method based on ISR2016ChengduIEEE11531156 – reference: AmuthaPKarthiKeyanMMarimuthuKAn efficient technique for preventing SQL injection attack using pattern matching algorithm2013503506 – reference: Acunetix_web_application_vulnerability_report_2019 – reference: KarisDVanajakshiJManjunathKNSrikanthPAn effective method for preventing SQL injection attack and session hijacking2017697701 – reference: GeogianaBKamarularifinBAFakariahBHTehFADetection model for SQL injection attack: an approach for preventing a web application from the SQL injection attack2014PenangIEEE6064 – reference: N.O. Akande, C.O. Abikoye, M.O. Adebiyi, A.A. Kayode, A.A. Adegun, R.O. Ogundokun, in International Conference on Computational Science and Its Applications. Electronic medical information encryption using modified blowfish algorithm (Springer, Cham, 2019), pp. 166–179 https://doi.org/10.1007/978-3-030-24308-1_14 – reference: SrivastavaMAlgorithm to Prevent Back End Database against SQL Injection Attacks International Comference on Computing for Sustainable Global Development (INDIACom)2014755757 – reference: JohnAAgarwalABhardwajMAn adaptive algorithm to prevent SQL injection. 420151215https://doi.org/10.11648/j.ajnc.s.2015040301.13 – reference: PingCJinshuangWLinPHanYResearch and implementation of SQL injection prevention method based on ISR201611531156 – reference: PravallicaTBetamSAn application to prevent SQL injection attacks using randomized encription algorithm. International journal of computer trends and technology (IJCTT)201327822786 – reference: PingCA second-order SQL injection detection method201717921796 – reference: PrabakarAKarthiKeyanMMarimuthuKAn efficient technique for preventing SQL injection attack using pattern2013503506 – reference: PiyushASMhetreANInternational Conference on Pervasive Computing (ICPC). A novel approach for detection of SQL injection and cross site scripting attacks201514 – reference: SoewitoBGunawanFEPrevention structured query language injection using regular regular expression and escape stringProcedia Comput. Sci.201813567868710.1016/j.procs.2018.08.218https://doi.org/10.1016/j.procs.2018.08.218 – reference: AmithPAgneevGAmalMMohitSRajashreeSSQLI detection system for a safer web application2015BangloreIEEE237240 – reference: BujaGAbdulTFKamarularifinBAJFakariahMAAbdul-RahmanTFDetection model for SQL injection attack : an approach for preventing a web application from the SQL injection attack20146064 – reference: G. Ahmad, A hybrid method for detection and prevention of SQL injection attacks, Computing Conference (London, 2017), pp. 833–838 – reference: QaisTMohammadTJamilIA novel method for preventing SQL injection using SHA-1 algorithm and syntax-awareness2017KhartoumIEEE14 – reference: AhmedMAAliFMultiple-path testing for cross site scripting using genetic algorithmsJ. Syst. Archit.2015000113https://doi.org/10.1016/j.sysarc.2015.11.001 – reference: RameshAAn Authentication Mechanism to Prevent SQL Injection by Syntactic Analysis201510.1109/ITACT.2015.7492650 – reference: J. Ashish, A. Ajay, B. Manish, An adaptive algorithm to prevent SQL injection. Am. J. Networks Commun., 12–15 (2015) – reference: McwhirterPRKifayatKShiQAskwithBSQL injection attack classification through the feature extraction of SQL query strings using a gap-weighted string subsequence kernelJ. Inform. Sec. Appl.201840199216https://doi.org/10.1016/j.jisa.2018.04.001 – reference: PramodAGhoshAMohanAShrivastavaMShettarRSQLI detection system for a safer web application2015237240 – reference: VoitovychOPYuvkovetskyiOSKupershteinLMSQL injection prevention system201625 – reference: O.C. Abikoye, A.D. Haruna, A. Abubakar, N.O. Akande, E.O. Asani, Modified advanced encryption standard algorithm for information security. Symmetry 11, 1–17 (2019) https://doi.org/10.3390/sym11121484 – reference: UpadhyayUGirishKSQL injection avoidance for protected database with ASCII using SNORT and honeypot2016596599 – reference: A.O. Christiana, A.N. Oluwatobi, G.A. Victory, O.R. Oluwaseun, A Secured One Time Password Authentication Technique using (3, 3) Visual Cryptography Scheme. IOP Conf. Series: Journal of Physics: Conf. Series 1299, 1–10 (2019 https://doi.org/10.1088/1742-6596/1299/1/012059) – reference: UtpalUGirishKSQL injection avoidance for protected database with ASCII using SNORT and honeypot. International conference on advanced communication control and Computing technologies (ICACCCT)2016RamanathapuramIEEE596599 – reference: Y. Jang, J. Choi, Detecting SQL injection attacks using query result size. Comput Security, 1–15 (2014) https://doi.org/10.1016/j.cose.2014.04.007 – reference: AppiahBOpoku-mensahESQL injection attack detection using fingerprints and pattern matching technique2017583587 – reference: GhafarianAA hybrid method for detection and prevention of SQL injection attacks2017833838 – reference: AshwinRAnirbanBAnandVLAn authentication mechanism to prevent SQL injection by syntactic analysis2015BangaloreIEEE16 – reference: TemeizaQTemeizaMItmaziJA novel method for preventing SQL injection using SHA-1 algorithm and syntax-awarenessSudanese J. Comput. Geoinform.2017111626 – start-page: 60 volume-title: Detection model for SQL injection attack : an approach for preventing a web application from the SQL injection attack year: 2014 ident: 113_CR10 – start-page: 2 volume-title: SQL injection prevention system year: 2016 ident: 113_CR20 – start-page: 60 volume-title: Detection model for SQL injection attack: an approach for preventing a web application from the SQL injection attack year: 2014 ident: 113_CR33 – start-page: 697 volume-title: An effective method for preventing SQL injection attack and session hijacking year: 2017 ident: 113_CR18 – volume: 000 start-page: 1 year: 2015 ident: 113_CR3 publication-title: J. Syst. Archit. doi: 10.1016/j.sysarc.2015.11.001 – start-page: 2782 volume-title: An application to prevent SQL injection attacks using randomized encription algorithm. International journal of computer trends and technology (IJCTT) year: 2013 ident: 113_CR32 – start-page: 12 volume-title: An adaptive algorithm to prevent SQL injection. 4 year: 2015 ident: 113_CR16 doi: 10.11648/j.ajnc.s.2015040301.13 – start-page: 1 volume-title: International Conference on Pervasive Computing (ICPC). A novel approach for detection of SQL injection and cross site scripting attacks year: 2015 ident: 113_CR11 – start-page: 755 volume-title: Algorithm to Prevent Back End Database against SQL Injection Attacks International Comference on Computing for Sustainable Global Development (INDIACom) year: 2014 ident: 113_CR31 – start-page: 1153 volume-title: Research and implementation of SQL injection prevention method based on ISR year: 2016 ident: 113_CR21 – start-page: 503 volume-title: An efficient technique for preventing SQL injection attack using pattern matching algorithm year: 2013 ident: 113_CR27 – volume: 40 start-page: 199 year: 2018 ident: 113_CR5 publication-title: J. Inform. Sec. Appl. doi: 10.1016/j.jisa.2018.04.001 – ident: 113_CR7 doi: 10.1007/978-3-030-24308-1_14 – volume: 135 start-page: 678 year: 2018 ident: 113_CR2 publication-title: Procedia Comput. Sci. doi: 10.1016/j.procs.2018.08.218 – start-page: 237 volume-title: SQLI detection system for a safer web application year: 2015 ident: 113_CR19 – start-page: 1 volume-title: An authentication mechanism to prevent SQL injection by syntactic analysis year: 2015 ident: 113_CR24 – volume: 1 start-page: 16 issue: 1 year: 2017 ident: 113_CR9 publication-title: Sudanese J. Comput. Geoinform. – start-page: 1792 volume-title: A second-order SQL injection detection method year: 2017 ident: 113_CR15 – start-page: 1 volume-title: A novel method for preventing SQL injection using SHA-1 algorithm and syntax-awareness year: 2017 ident: 113_CR28 – start-page: 833 volume-title: A hybrid method for detection and prevention of SQL injection attacks year: 2017 ident: 113_CR26 – start-page: 503 volume-title: An efficient technique for preventing SQL injection attack using pattern year: 2013 ident: 113_CR25 – volume-title: An Authentication Mechanism to Prevent SQL Injection by Syntactic Analysis year: 2015 ident: 113_CR17 doi: 10.1109/ITACT.2015.7492650 – start-page: 596 volume-title: SQL injection avoidance for protected database with ASCII using SNORT and honeypot. International conference on advanced communication control and Computing technologies (ICACCCT) year: 2016 ident: 113_CR29 – ident: 113_CR22 – start-page: 583 volume-title: SQL injection attack detection using fingerprints and pattern matching technique year: 2017 ident: 113_CR14 – ident: 113_CR8 doi: 10.1088/1742-6596/1299/1/012059 – ident: 113_CR6 doi: 10.3390/sym11121484 – start-page: 1153 volume-title: Research and implementation of SQL injection prevention method based on ISR year: 2016 ident: 113_CR12 – ident: 113_CR4 doi: 10.1016/j.cose.2014.04.007 – ident: 113_CR1 – ident: 113_CR30 doi: 10.11648/j.ajnc.s.2015040301.13 – start-page: 596 volume-title: SQL injection avoidance for protected database with ASCII using SNORT and honeypot year: 2016 ident: 113_CR13 – start-page: 237 volume-title: SQLI detection system for a safer web application year: 2015 ident: 113_CR23 |
| SSID | ssj0002808905 ssj0064073 |
| Score | 2.2909532 |
| Snippet | Structured Query Language (SQL) injection and cross-site scripting remain a major threat to data-driven web applications. Instances where hackers obtain... Abstract Structured Query Language (SQL) injection and cross-site scripting remain a major threat to data-driven web applications. Instances where hackers... |
| SourceID | doaj proquest crossref springer |
| SourceType | Open Website Aggregation Database Enrichment Source Index Database Publisher |
| StartPage | 1 |
| SubjectTerms | Algorithms Applications programs Communications Engineering Cross-site scripting Engineering Information security Knuth-Morris-Pratt (KMP) string matching algorithm Malware Networks Query languages Security Science and Technology Signal,Image and Speech Processing SQL injection String matching Structured Query Language-SQL Systems and Data Security Web application vulnerability |
| SummonAdditionalLinks | – databaseName: Advanced Technologies & Aerospace Database dbid: P5Z link: http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwpV3LaxQxGA-19eDFBypuH5KDNw2dZyZzKrVYBNuyokLxEr68dlu2mXV3Wij-8-bLZrZUsBevk0wIfO_ky-9HyLuyrbRRpmYGbMZCxMuYshZYpmoVooEJ9pVFsonm7Eycn7fjdOC2TG2Vg0-Mjtp0Gs_I94sqYs9VuTiY_2LIGoW3q4lC4xHZQpQEpG4Y1z-xxuLBdjB3H97JCL6_zMsQXRnWS5gIlez2XiyKkP338sy_rkZjxDl-9r97fU6eplyTHq6U4wXZsP4l-X1IfXdjZ3SN3kr7js5XSE7029cTeuEvY3-Wp-ANjVtnuDJNHsZPKPQ9vs2n2DU_oV_8dT9lp90iOAw2RlhkimwgYSSkw3pKYTYJu-unV6_Ij-NP348-s8TAwHSIUz2DYJ6O1w4MAK90lVveNiGHdFw5xUErY0tQQunGNJwbVXFb8pCUCJMXmWqgfE02feftG0Iz0TrOAQrV2KrWqq0LrZxByC2ruVAjkg-ykDrBkyNLxkzGMkVwuZKfDPKLjXilvB2R9-t_5itwjgdnf0QRr2cisHb80C0mMtmpLJC2x2U5KFtWYKEF07g6567FG82aj8juIHKZrH0p7-Q9Ih8Gpbkb_veWth9ebYc8KaK6hkJf7JLNfnFt98hjfdNfLBdvo67_AZfFCHQ priority: 102 providerName: ProQuest – databaseName: SpringerOpen dbid: C24 link: http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV1Lb9QwEB5B4QAHCgXE0oJ84AYWcZw4zrGtqCoBVREg9Wb5ubvV4lTZtFLVP1_b6ywtAiS4xk7k2PP4kpn5BuANbSttlKmxkbbAweMVWFkrcaFqFbyBCfpVpGYTzdERPzlpj3NR2HLMdh9DkslSJ7Xm7P2S0OAccfzciTiG4su7cK8mvI2JfPu5xuE0_S4qeFusQXCMVNGxXOa3z7nlkhJz_y24-UuENDmeg83_W_JjeJSBJtpdScYTuGP9FmyOTRxQ1ukteHiDkfApXO0i313YBVpzu6KhQ2crnif09csnNPenKXvLI-kNSm-EYwQaZfvjp0gOQ6zcRzGnfoo--vNhhj93fTAn-DiSJqPYKySMBLCsZ0gupl0_H2Y_nsH3gw_f9g9x7s-AdfBiA5ZBeR2rnTRSskpXxLK2CQjTMeUUk1oZS6XiSjemYcyoilnKAmThhpSFaiR9Dhu-8_YFoHBijjEpS9XYqtaqrUutnImEXFYzriZAxiMSOpOXxx4aC5E-YjgTq70WYa9Tmh4VlxN4u77nbEXd8dfZe_Hk1zMj7Xa60PVTkbVYlLGpjyuIVJZW0spWmsbVhLk2xjtrNoGdUW5EtgVLUVaJNbEifALvRjn5OfznJb38t-nb8KBMosYx4TuwMfTn9hXc1xfDfNm_TjpyDaJiDaU priority: 102 providerName: Springer Nature |
| Title | A novel technique to prevent SQL injection and cross-site scripting attacks using Knuth-Morris-Pratt string match algorithm |
| URI | https://link.springer.com/article/10.1186/s13635-020-00113-y https://www.proquest.com/docview/2435018418 https://doaj.org/article/27372f01abe34aea9ad7f516f9739556 |
| Volume | 2020 |
| WOSCitedRecordID | wos000562108700001&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVAON databaseName: Directory of Open Access Journals customDbUrl: eissn: 2510-523X dateEnd: 99991231 omitProxy: false ssIdentifier: ssj0002808905 issn: 2510-523X databaseCode: DOA dateStart: 20070101 isFulltext: true titleUrlDefault: https://www.doaj.org/ providerName: Directory of Open Access Journals – providerCode: PRVHPJ databaseName: ROAD: Directory of Open Access Scholarly Resources customDbUrl: eissn: 2510-523X dateEnd: 99991231 omitProxy: false ssIdentifier: ssj0002808905 issn: 2510-523X databaseCode: M~E dateStart: 20070101 isFulltext: true titleUrlDefault: https://road.issn.org providerName: ISSN International Centre – providerCode: PRVAVX databaseName: SpringerOpen customDbUrl: eissn: 2510-523X dateEnd: 99991231 omitProxy: false ssIdentifier: ssj0002808905 issn: 2510-523X databaseCode: C24 dateStart: 20071201 isFulltext: true titleUrlDefault: https://link.springer.com/search?facet-content-type=%22Journal%22 providerName: Springer Nature |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwrV1LbxMxELagcODCGxEokQ_cwKp37bW9x7ZKhVQahZdUcbH8TFIFb5VsK1VI_HZs725okYALFx_WtjTyzHhmdsbfAPCa1NRYbStklcMoWjyMtHMKYV3paA1s1C-cm03w6VScntaza62-Uk1YBw_cHdxemfqoeFwo7QhVTtXKcl8VzNcpxVRlsG3M62vB1Fn-ZYRFjbeOcMpWkeHJjGB7m4JEQ4tS6JR8IoKubpiljN5_w-X8LUuajc_RQ3C_9xrhfkftI3DLhcfgwdCRAfYK-gR834ehuXQruIVmhW0DzzuYJvjpw3u4DGe5-CpAFSzMxKCUQIb99RHmULVtengPU0n8HB6Hi3aBTpp1vA3QLGEew9TqI85EX9csoFrNm_WyXXx7Cr4cTT4fvkN9ewVkohFqkYq651nllVWKUUMLx2oeHUTPtNdMGW0dUVpowy1nzGrKHGHR4xC2KLHmijwDO6EJ7jmA8bA9Y0qVmjtaGV1XpdHeJjwtZ5jQI1AMpytNjz2eWmCsZI5BBJMdR2TkSK6yI_JqBN5s95x3yBt_XX2QmLZdmVCz84coS7KXJfkvWRqB3YHlslfljSxpBj2khRiBt4MY_Jr-M0kv_gdJL8G9MotpjPXFLthp1xfuFbhrLtvlZj0Gdw4m09nHMbh9WNJxVoE4HnMUx5MfkzjOqq8_Ab6ACiQ |
| linkProvider | Directory of Open Access Journals |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMw1V3LbtQwFL0qBQk2PASIgQJewAqs5uE4zgKh8qhazXRURJG6M35lpmhIhpm0aMQ_8Y34OslURaK7LtjGiZXY575i-xyAF2nBjNU2o1a5iPqIF1HtnKKRzrSPBtbbVxTEJvLxWBwfF4cb8Ls_C4PbKnufGBy1rQ3-I99OWOCeY7F4O_9BUTUKV1d7CY0WFkO3-ulLtuWb_Q9-fl8mye7Ho_d7tFMVoMb73oYqD7mSZ6WySnFmWOx4kfu8qOS61FwZbV2qtNAmtznnVjPuUu4DrbBxEulcpb7fa3CdpSJHuxrmFGs67m0Va4X-XI7g28s49dGcYn2GiVdKVxdiX5AIuJDX_rUUGyLc7p3_bWzuwu0ulyY7LfjvwYar7sOvHVLVZ25G1uy0pKnJvGWqIp8_jchJ9S3sP6uIqiwJQ0XxS0jnQasJUU2D3AMETwVMyLA6bab0oF54h0gPkfaZoNqJb_HpvpkSNZv40Wim3x_Alyv53oewWdWVewQkEkXJuVKJzh3LjC6yxOjSIqWYM1zoAcT93EvT0a-jCshMhjJMcNniRXq8hI2GqVwN4NX6mXlLPnLp3e8QUus7kTg8XKgXE9n5IZmgLFEZxUq7lCmnCmXzMot5WeCKbcYHsNVDTHbebCnP8TWA1z1Iz5v__UqPL-_tOdzcOzoYydH-ePgEbiXBVASNxRZsNotT9xRumLPmZLl4FuyMwNerBu8fvstnkA |
| linkToPdf | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMw1V1LbxMxELZKQYgLDwFqoIAPcAIr-_R6DwgVSkSVEgUBUsXF-JkUhd2QbIsi_hm_jhlnN1WR6K0Hrmuvtev9ZsazHn8fIU_TMjNW25xZ5SIGES9i2jnFIp1riAYW7CsKYhPFaCSOjsrxFvndnYXBssrOJwZHbWuD_8j7SRa457JY9H1bFjHeH7ya_2CoIIU7rZ2cxhoiQ7f6Cenb8uXBPnzrZ0kyePvpzTvWKgwwA364YQrg53nulVWKZyaLHS8LWCN5rr3mymjrUqWFNoUtOLc64y7lEHSFjZNIFyqFca-QqwXkmFhOOM6_YH7HwW4xb-jO6AjeX8YpRHaGuRouwlK2OhcHg1zAuTXuX9uyIdoNbv3P83Sb3GzX2HRvbRR3yJar7pJfe7SqT92MblhraVPT-ZrBin78cEiPq2-hLq2iqrI0TBvDN6GtZ60mVDUNchJQPC0wocPqpJmy9_UCHCUbIx00RRUUaIE0wEypmk1gNprp93vk86W8732yXdWV2yE0EqXnXKlEFy7LjS7zxGhvkWrMGS50j8QdDqRpadlRHWQmQ3omuFxjRwJ2QgFiKlc98nxzz3xNSnJh79cIr01PJBQPF-rFRLb-SSYoV-SjWGmXZsqpUtnC5zH3Je7k5rxHdju4ydbLLeUZ1nrkRQfYs-Z_P9KDi0d7Qq4DZuXhwWj4kNxIgtUIFotdst0sTtwjcs2cNsfLxeNgcpR8vWzs_gGFjnC0 |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=A+novel+technique+to+prevent+SQL+injection+and+cross-site+scripting+attacks+using+Knuth-Morris-Pratt+string+match+algorithm&rft.jtitle=EURASIP+Journal+on+Information+Security&rft.au=Oluwakemi+Christiana+Abikoye&rft.au=Abdullahi+Abubakar&rft.au=Ahmed+Haruna+Dokoro&rft.au=Oluwatobi+Noah+Akande&rft.date=2020-08-18&rft.pub=SpringerOpen&rft.eissn=2510-523X&rft.volume=2020&rft.issue=1&rft.spage=1&rft.epage=14&rft_id=info:doi/10.1186%2Fs13635-020-00113-y&rft.externalDBID=DOA&rft.externalDocID=oai_doaj_org_article_27372f01abe34aea9ad7f516f9739556 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=2510-523X&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=2510-523X&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=2510-523X&client=summon |