Research Article

Devising Solution to SQL Injection Attacks

by Ruta Pathak, Ananta Bhatt, Shivam Choudhary
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 154 - Number 2
Year of Publication: 2016
DOI: 10.5120/ijca2016912037

Ruta Pathak, Ananta Bhatt, Shivam Choudhary. Devising Solution to SQL Injection Attacks. International Journal of Computer Applications. 154, 2 (Nov 2016), 25-27. DOI=10.5120/ijca2016912037

@article{ 10.5120/ijca2016912037,
author = { Ruta Pathak, Ananta Bhatt, Shivam Choudhary },
title = { Devising Solution to SQL Injection Attacks },
journal = { International Journal of Computer Applications },
issue_date = { Nov 2016 },
volume = { 154 },
number = { 2 },
month = { Nov },
year = { 2016 },
issn = { 0975-8887 },
pages = { 25-27 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume154/number2/26465-2016912037/ },
doi = { 10.5120/ijca2016912037 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
Abstract

Web applications play an important role in fields such as finance, business, and shopping. There are a number of web application vulnerabilities, such as SQL injection and buffer overflow. Among these, SQL injection vulnerabilities are very harmful to web applications. The literature surveyed contains a number of techniques for preventing SQL injection attacks (SQLIA) at the application level, but not at the database level. SQL injection attacks occur due to vulnerabilities in the design of queries, where a malicious user can take advantage of input opportunities to insert code into the queries that modifies the query conditions, resulting in unauthorized database access. In this paper we design an effective algorithm to protect stored procedures from SQLIA at the database level. Hirschberg’s algorithm is used to protect the stored procedures, which reduces both time and space complexity. We also analyse several aspects, which are discussed further.

Index Terms

Computer Science
Information Sciences

Keywords

SQL injection, Hirschberg’s Algorithm, Database security, DBMS audit