Algorithm to prevent back end database against SQL injection attacks

SQL injection attack (SQLIA) is a technique through which attackers gain access over back-end databases by inserting the malicious codes through front-end. In recent times SQL injection attacks (SQLIAs) have emerged as a major threat to database security. Flaws in designing, improper coding practice...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:INDIACom : 2014 International Conference on Computing for Sustainable Global Development : 5-7 March 2014 s. 754 - 757
Hlavní autor: Srivastava, Mahima
Médium: Konferenční příspěvek
Jazyk:angličtina
Vydáno: Bharati Vidyapeeth University 01.03.2014
Témata:
Arrays
ASCII values
Authentication
cyber crime
Encoding
Internet
run time monitoring
Servers
SQL injections
SQL query
ISBN:9380544103, 9789380544106
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:SQL injection attack (SQLIA) is a technique through which attackers gain access over back-end databases by inserting the malicious codes through front-end. In recent times SQL injection attacks (SQLIAs) have emerged as a major threat to database security. Flaws in designing, improper coding practices, configuration errors, improper validation of user input etc. makes the web application vulnerable and allows the malicious user to obtain unrestricted access to confidential information. Researchers have proposed so many solutions but still SQLIAs exist. In this paper we will discuss several types of SQLIAs, existing techniques and their drawbacks. Finally I have proposed a solution using the ASCII values. I have implemented it using C# and SQL server 2005, although this algorithm can be implemented in any language and for any database platform with minimal modifications.
ISBN:9380544103
9789380544106
DOI:10.1109/IndiaCom.2014.6828063