Detect and Prevent SQLIA by Dynamic Monitoring | ||
Iraqi Journal of Information Technology | ||
Article 1, Volume 6, Issue 4, October 2014, Pages 34-42 | ||
Authors | ||
Ahmed Hashim Mohammed; Hanaa M. A. Salman; Saad K. Majeed | ||
Abstract | ||
Web applications play a very important role in many fields and become an integral part of the daily lives of millions of users to offer business and convenience services ,Most of the web applications increase their adoption of database systems as a back end to store critical information for the daily billions of transactions are done online .The SQL injection attacks (SQLIAs) one amongst the most dangerous vulnerabilities for Web applications, and represent a trick to SQL query as a serious threat to database server by input possibly such as form fields, The consequences of this type of attacks are poses serious security threats to web applications they allow attackers intelligently obtain unrestricted access to bypass the authentication databases systems or stolen sensitive information these databases contain might. In this paper we present a detailed survey on various kinds of SQLIAs types and also compared existing detection and prevention techniques against these attacks with proposed system in order to find out analytically to what extent they can be claimed effective. Results of an empirical study showed the proposed technique is give promising result in detect more SQLIAs types with respect to the existing tools | ||
Keywords | ||
Static analysis; dynamic analysis; SQLIAs | ||
Statistics Article View: 58 PDF Download: 12 |