Efficient Solution for SQL Injection Attack Detection and Prevention
Munqath H. Alattar1, S.P. Medhane2
1Munqath H. Alattar Information Technology Department, College of Engineering, Bharati Vidyapeeth University, Pune, India.
2Prof.S.P. Medhane, Information Technology Department, College of Engineering, Bharati Vidyapeeth University, Pune, India.
Manuscript received on February 03, 2013. | Revised Manuscript received on February 28, 2013. | Manuscript published on March 05, 2013. | PP: 395-398 | Volume-3 Issue-1, March 2013. | Retrieval Number: A1399033113/2013©BEIESP
Open Access | Ethics and Policies | Cite
© The Authors. Published By: Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: SQL injection is the most common attack for web applications and widely used exploit by hackers all over the world. A malicious hacker can do a lot of harm if he wishes to. SQL injection is a security vulnerability that occurs in the database layers of an application. SQL injection is a technique to pass SQL code into interactive web applications that employ in database services. The employment of SQL Injection Attacks, can lead to the leak of confidential information such as credit card numbers, commercial information & table structure. The attackers can get the entire schema of the original database and also corrupt it. In this paper, we have proposed the Detection Model of SQL Injection Vulnerabilities and SQL Injection Mitigation Framework. These approaches are based on SQL Injection grammar to identify the SQL Injection vulnerabilities during software development and SQL Injection Attack on web-based applications.
Keywords: SQL Injection; Security Assessment; vulnerabilities; Pattern Matching, SQL Query.