IJSTE

CALL FOR PAPERS : Oct 2019

Submission Last Date
25-Oct-19
Submit Manuscript Online

FOR AUTHORS

FOR REVIEWERS

ARCHIEVES

DOWNLOADS

Open Access



CopyScape
Creative Commons License

Use of Query Tokenization to Detect and Prevent SQL Injection Attacks


Author(s):

Anurekh Kumar , AIACTR; Shobha Bhatt, AIACTR

Keywords:

SQLIA, Classification of SQLIA, Query Tokenization, SQL injection, SQL detection etc

Abstract:

In today’s era where almost every task is performed through web applications, the need to assure the security of web applications has increased. A survey held in 2010 shows web application vulnerabilities and SQL Injection attack ranked among top five. SQL Injection attack (SQLIA) is performed by those persons who want to access the database and want to steal, change or delete the data which they do not have permission to access . In SQLIA adversary requests through a malicious query which shows some confidential data. In research, it is also proved that when a network and host-level entry point is highly secured, the public interface provided by an application is the one and only source of SQL injection attack. SQLIA can’t be applied without using space, single quotes or double dashes. So to prevent SQLIA, these options are taken in observation. Previous model used JDBC-LDAP library which did not support instances, alias and set operations (UNION and UNION ALL). If a query with injection is accepted by any database which is based on relational approach, then it will be accepted by all databases that are based on relational approach. This paper is focused on SQLIA and its techniques and encounters the shortcoming of previous models. This paper proposed a model which uses two databases one relational and other hierarchical to ensure about injection in a query, compare the results by applying tokenization technique on both databases. If the results are same, there is no injection, otherwise it is present. The proposed model uses a tokenization technique so; query containing Alias, Instances and Set operations can also be blocked at the entry point.


Other Details:

Manuscript Id :IJSTEV2I1041
Published in :Volume : 2, Issue : 1
Publication Date: 01/08/2015
Page(s): 97-103
Download Article

IMPACT FACTOR

4.753

NEWS & UPDATES

Submit Article

Dear Authors, You can submit your article to our journal at the following link: http://www.ijste.org/Submit

Impact Factor

The Impact Factor of our Journal is 4.753 (Year - 2016)
3.905 (Year - 2015) 2.895(Year -2014)

Click Here

Submit Payment Online

Dear Authors, Now you can submit the payment receipt to our journal online at the following link: index.php?p=Payment

Index Copernicus Value

The IC Value of our journal is 69.90
Click Here

GLOBAL INDEXING



















Computer Science Directory. We are listed under Computer Research Institutes category

Share on Social media

Home | Privacy Policy | Terms & Conditions | Refund Policy | Feedback | Contact Us
Copyright © 2014 ijste.org All rights reserved