
Analysis of SQL Injection Detection and Prevention



Authors

Haripriya Rana
Department of Computer Science and Engineering, Jaypee Institute of Information Technology University, Sector-128, Noida – 201301, Uttar Pradesh, India
Shelly Sachdeva
Department of Computer Science and Engineering, Jaypee Institute of Information Technology University, Sector-128, Noida – 201301, Uttar Pradesh, India

Abstract


Objectives: SQL Injection Attack (SQLIA) is a frequent and severe security issue in web applications. In an SQLIA, a hacker takes advantage of poor input validation and weakly coded web applications. A successful SQLIA compromises the integrity and confidentiality of data, which degrades the organization’s market value. This paper gives an analysis of the various types of SQLIAs, their methods and mechanisms. It also explores various detection and prevention techniques.

Methods/Analysis: A rigorous survey has been conducted, and on that basis a comparative analysis of various detection and prevention techniques is made with respect to the various types of attacks. In the current research, various pattern matching algorithms for the detection and prevention of SQLIA are analyzed and a few are tested.

Findings: The Boyer Moore pattern matching algorithm is compared with the Naive String pattern matching algorithm. The time and memory consumed by both algorithms have been analyzed. The results show that Boyer Moore is more efficient than Naive String at detecting and preventing SQLIAs.

Novelty/Improvement: Future work aims to propose an algorithm that improves efficiency and resource usage. The approach needs to be implemented for every pattern matching algorithm to find the best solution for the detection and prevention of SQLIA.

Keywords


Boyer Moore Algorithm, Detection, Prevention, SQLIA, SQL Injection



DOI: https://doi.org/10.17485/ijst%2F2017%2Fv10i30%2F158468