A fast and secure way to prevent SQL injection attacks

Author

Mittal, Payal ; Jena, S.K.

Author_Institution

Dept. of Comput. Sci. & Eng., Nat. Inst. of Technol., Rourkela, India

fYear

2013

fDate

11-12 April 2013

Firstpage

730

Lastpage

734

Abstract

As most of the web applications are associated with database as back end so there are possibilities of SQL injection attacks (SQLIA) on it. Even SQLIA is among top 10 attacks according to Open Web Application Security Project but still approaches are not able to give proper solution to this problem. Number of measures are also discovered to overcome this attack, but which measure is more convenient and can also provide fast access to application without compromising the security is also a major concern. Some existing approaches are good in security but they are not efficient to handle large user´s requests. To overcome these two issues at the same moment we have used Bitslice AES encryption to prevent this attack. This implementation uses a non-standard representation, and view the processor as a SIMD computer, i.e. as 64 parallel one-bit processors computing the same instruction.

Keywords

Internet; SQL; cryptography; parallel processing; SIMD computer; SQL injection attacks; SQLIA; Web applications; bitslice AES encryption; database; nonstandard representation; open Web application security project; parallel one-bit processors; Communications technology; Conferences; Databases; Encryption; Logic gates; Bitslice AES; SQL injection attacks (SQLIAs); SQL server; Web security;

fLanguage

English

Publisher

ieee

Conference_Titel

Information & Communication Technologies (ICT), 2013 IEEE Conference on

Conference_Location

JeJu Island

Print_ISBN

978-1-4673-5759-3

Type

conf

DOI

10.1109/CICT.2013.6558190

Filename

6558190