Algorithm to prevent back end database against SQL injection attacks

SQL injection attack (SQLIA) is a technique through which attackers gain access over back-end databases by inserting the malicious codes through front-end. In recent times SQL injection attacks (SQLIAs) have emerged as a major threat to database security. Flaws in designing, improper coding practice...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:INDIACom : 2014 International Conference on Computing for Sustainable Global Development : 5-7 March 2014 s. 754 - 757
Hlavný autor: Srivastava, Mahima
Médium: Konferenčný príspevok..
Jazyk:English
Vydavateľské údaje: Bharati Vidyapeeth University 01.03.2014
Predmet:
Arrays
ASCII values
Authentication
cyber crime
Encoding
Internet
run time monitoring
Servers
SQL injections
SQL query
ISBN:9380544103, 9789380544106
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Popis
Shrnutí:SQL injection attack (SQLIA) is a technique through which attackers gain access over back-end databases by inserting the malicious codes through front-end. In recent times SQL injection attacks (SQLIAs) have emerged as a major threat to database security. Flaws in designing, improper coding practices, configuration errors, improper validation of user input etc. makes the web application vulnerable and allows the malicious user to obtain unrestricted access to confidential information. Researchers have proposed so many solutions but still SQLIAs exist. In this paper we will discuss several types of SQLIAs, existing techniques and their drawbacks. Finally I have proposed a solution using the ASCII values. I have implemented it using C# and SQL server 2005, although this algorithm can be implemented in any language and for any database platform with minimal modifications.
ISBN:9380544103
9789380544106
DOI:10.1109/IndiaCom.2014.6828063