CALL FOR PAPERS : December-2022

Submission Last Date
Submit Manuscript Online





Open Access

Creative Commons License

Use of Query Tokenization to Detect and Prevent SQL Injection Attacks


Anurekh Kumar , AIACTR; Shobha Bhatt, AIACTR


SQLIA, Classification of SQLIA, Query Tokenization, SQL injection, SQL detection etc


In today’s era where almost every task is performed through web applications, the need to assure the security of web applications has increased. A survey held in 2010 shows web application vulnerabilities and SQL Injection attack ranked among top five. SQL Injection attack (SQLIA) is performed by those persons who want to access the database and want to steal, change or delete the data which they do not have permission to access . In SQLIA adversary requests through a malicious query which shows some confidential data. In research, it is also proved that when a network and host-level entry point is highly secured, the public interface provided by an application is the one and only source of SQL injection attack. SQLIA can’t be applied without using space, single quotes or double dashes. So to prevent SQLIA, these options are taken in observation. Previous model used JDBC-LDAP library which did not support instances, alias and set operations (UNION and UNION ALL). If a query with injection is accepted by any database which is based on relational approach, then it will be accepted by all databases that are based on relational approach. This paper is focused on SQLIA and its techniques and encounters the shortcoming of previous models. This paper proposed a model which uses two databases one relational and other hierarchical to ensure about injection in a query, compare the results by applying tokenization technique on both databases. If the results are same, there is no injection, otherwise it is present. The proposed model uses a tokenization technique so; query containing Alias, Instances and Set operations can also be blocked at the entry point.

Other Details:

Manuscript Id :IJSTEV2I1041
Published in :Volume : 2, Issue : 1
Publication Date: 01/08/2015
Page(s): 97-103
Download Article




Submit Article

Dear Authors, You can submit your article to our journal at the following link: http://www.ijste.org/Submit

Impact Factor

The Impact Factor of our Journal is 4.753 (Year - 2016)
3.905 (Year - 2015) 2.895(Year -2014)

Click Here

Submit Payment Online

Dear Authors, Now you can submit the payment receipt to our journal online at the following link: index.php?p=Payment




Computer Science Directory. We are listed under Computer Research Institutes category

Share on Social media

Home | Privacy Policy | Terms & Conditions | Refund Policy | Feedback | Contact Us
Copyright © 2014 ijste.org All rights reserved