Abstrato

Prevention of SQL Injection Attack on Web Applications

Shakti Kumar, Subhendu Dey, R.Karthikeyan, K.G.S. Venkatesan

SQL injection is a technique where the attacker injects an input in the query in order to change the structure of the query intended by the programmer and gaining the access of the database which results modification of the user‘s data. In the SQL injection it exploits a security vulnerability of data occurring in database layer of an application. SQL injection attack is the most common attack in websites in these days. Some malicious codes get injected to the database by unauthorized users and get the access of the database due to lack of input validation. Input validation is the most critical part of software security that is not properly covered in the design phase of software development life-cycle resulting in many security vulnerabilities. This paper presents the techniques for detection and prevention of SQL injection attack. There are no full proof defences available against such type of attacks. In this paper some predefined method of detection and modern techniques are discussed. This paper also describes countermeasures of SQL injection.

Isenção de responsabilidade: Este resumo foi traduzido usando ferramentas de inteligência artificial e ainda não foi revisado ou verificado