A Review on Enhancing the Security of Database using SQL Injection

Isha Shingari

Abstract


In one way or other we all are connected with internet. All web applications are dependent on the internet. Now a day’s web applications play a vital role in everybody’s life.  Exponential growth could be observed in many user friendly web applications. Thousands of transactions are done daily through these applications, 80% out of which are vulnerable to malicious attacks according to the survey by the Open Web Application Security Projects (OWSAP) .SQL injections is the highest security threat for web applications .SQL injection is a mechanism for inserting a malicious code in user code. Results in adding or modifying data, leak of confidential information, bypass authentication, performing denial of service, network hacking , table structure, and deleting the database .In this paper we have discussed the various aspects of SQL injection.

Full Text:

PDF

References


M. Dornseif - Common Failures in Internet Applications, May 2005

William G.J. Hal fond, Jeremy Vie gas, and Alessandro Orso: A Classification of SQL Injection Attacks and Countermeasures 2006 IEEE.

D. A. Kindy and A. K. Pathan: A Survey on SQL Injection: Vulnerabilities, Attacks, and Prevention Techniques 2011 IEEE

Atefeh Tajpour, Suhaimi Ibrahim, Maslin Masrom: SQL Injection Detection and Prevention Techniques, International Journal of Advancements in Computing August 2011.

Geoffrey Vaughan- Understanding SQL injection attacks inside and out- University of Ontario Institute of Technology, Canada- 2012.

Pushkar Y.Jane, M.S.Chaudhari- SQLIA: Detection And Prevention Techniques: A Survey IOSR Journal of Computer Engineering September 2012

Asha N, M.Varun Kumar, Vaidhyanathan.G “Preventing SQL Injection Attacks”. The Third International Journal of Computer Applications volume52-no-13, 2012

Chad Dougherty- Practical Identification of SQL Injection Vulnerabilities, Carnegie Mellon University. Produced for US-CERT© 2012

V. Nithya, R.Regan, J.vijayaraghavan-A Survey on SQL Injection attacks, their Detection and Prevention Techniques- International Journal of Engineering and Computer Science April, 2013

Ericka Chickowski, Contributing Writer Dark Reading May, 2013 [11] OWSAP –The open web application security project (OWASP) available at www.owasp.org/index.php/mainpage last access Jan 2014

www.w3.org/protocols- last access January 2014.

Amit Banchhor, Tushar Vaidya” Sql injection: A Survey paper” International Journal of Advanced Technology in Engineering and Science Volume No 03, Special Issue No. 01, May 2015

Yash Tiwari, Mallika Tiwari” A Study of SQL of Injections Techniques and their Prevention Methods International Journal of Computer Applications (0975–8887)Volume 114–No. 17, March 2015


Refbacks

  • There are currently no refbacks.




© International Journals of Advanced Research in Computer Science and Software Engineering (IJARCSSE)| All Rights Reserved | Powered by Advance Academic Publisher.