Title :
Algorithm to prevent back end database against SQL injection attacks
Author_Institution :
Deptt. Of CSE, RKGITW, Ghaziabad, India
Abstract :
SQL injection attack (SQLIA) is a technique through which attackers gain access over back-end databases by inserting the malicious codes through front-end. In recent times SQL injection attacks (SQLIAs) have emerged as a major threat to database security. Flaws in designing, improper coding practices, configuration errors, improper validation of user input etc. makes the web application vulnerable and allows the malicious user to obtain unrestricted access to confidential information. Researchers have proposed so many solutions but still SQLIAs exist. In this paper we will discuss several types of SQLIAs, existing techniques and their drawbacks. Finally I have proposed a solution using the ASCII values. I have implemented it using C# and SQL server 2005, although this algorithm can be implemented in any language and for any database platform with minimal modifications.
Keywords :
C language; SQL; security of data; ASCII values; C#; SQL injection attacks; SQL server 2005; SQLIA; back end database prevention; database security; malicious codes; Arrays; Authentication; Databases; Encoding; Internet; Servers; ASCII values; SQL injections; SQL query; cyber crime; run time monitoring;
Conference_Titel :
Computing for Sustainable Global Development (INDIACom), 2014 International Conference on
Conference_Location :
New Delhi
Print_ISBN :
978-93-80544-10-6
DOI :
10.1109/IndiaCom.2014.6828063
