Title :
A novel approach for detection of SQL injection and cross site scripting attacks
Author :
Sonewar, Piyush A. ; Mhetre, Nalini A.
Author_Institution :
Dept. of Comput. Eng., Smt. Kashibai Navale Coll. of Eng., Pune, India
Abstract :
Web applications provide vast category of functionalities and usefulness. As more and more sensitive data is available over the internet hackers are becoming more interested in such data revealing which can cause massive damage. SQL injection is one of such attacks. This attack can be used to infiltrate the database of any web application that may lead to alteration of database or disclosing important information. Cross site scripting is one more attack in which attacker obfuscates the input given to the web application that may lead to changes in view of the web page. Three tier web applications can be categorized statically and dynamically for detecting and preventing these types of attacks. Mapping model in which requests are mapped on queries can be used effectively to detect such kind of attacks and prevention logic can be applied.
Keywords :
Internet; SQL; Web sites; security of data; SQL injection detection; Web applications; Web page; cross site scripting attack; database infiltration; mapping model; prevention logic; Blogs; Computers; Conferences; Databases; Intrusion detection; Uniform resource locators; Cross Site Scripting (XSS); Intrusion Detection System (IDS); SQL injection attack; Tier Web Application; Web Security Vulnerability;
Conference_Titel :
Pervasive Computing (ICPC), 2015 International Conference on
Conference_Location :
Pune
DOI :
10.1109/PERVASIVE.2015.7087131
