A novel method for SQL injection attack detection based on removing SQL query attribute values

Lee, Inyong; Jeong, Soon-Ki; Yeo, Sang-Soo; Moon, Jongsub

doi:10.1016/j.mcm.2011.01.050

Cited by 113 publications

(61 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…[39] are categorized SQLIA into several categories and used them to evaluate the effectiveness for prevention SQLIAs. We used the same techniques of Halfond to evaluate our techniques via other techniques.…”

Section: Figure 4 Overhead Performancementioning

confidence: 99%

New Strategy for Mitigating of SQL Injection Attack

Alazab¹,

Khresiat²

2016

IJCA

View full text Add to dashboard Cite

SQL injection attack (SQLIA) is a serious threat to web applications. A successful SQLIAs can have serious consequences to the victimized organization that include financial lose, reputation lose, compliance and regulatory breach. Therefore, developing approaches for mitigating SQLIA is paramount important. To this end, we propose an approach based on negative tainting along with SQL keyword analysis for detecting and preventing SQLIA. We have tested our proposed approach on all types of SQLIAs techniques by generating SQL queries containing legitimate SQL commands and SQLIA. We present an analysis and evaluation of the proposed approach to demonstrate its effectiveness in detecting and protecting SQLIA attack.

show abstract

Section: Figure 4 Overhead Performancementioning

confidence: 99%

New Strategy for Mitigating of SQL Injection Attack

Alazab¹,

Khresiat²

2016

IJCA

View full text Add to dashboard Cite

show abstract

“…The technique used in this approach is that healthy database behaviors are extracted and encoded in a XML profile and a data mining technique with finger printing is used to identify malicious queries. A relatively simple detection scheme used in [4] is based on both static and dynamic analysis methods. In this scheme, parameters are separated from query and a generalized algorithm based on static and dynamic analysis is used to detect whether the parameters are genuine or infected.…”

Section: Related Workmentioning

confidence: 99%

Multi-hashing for Protecting Web Applications from SQL Injection Attacks

Bansal¹,

Park²

2015

IJCCE

View full text Add to dashboard Cite

SQL injection is a type of frequently reported security attacks on database-driven web applications in which attackers execute unauthorized query operations to access information. In this paper, we describe the design and implementation of an efficient protection scheme against the SQL injection attacks based on a multiple-hashing mechanism. The proposed protection system model consists of three phases, which are registration, login and validation phases, and database is divided into product and query databases. By using multiple hashing operations the proposed scheme achieves higher efficiency than conventional schemes, which do not use sophisticated hashing operations. The scheme is implemented with HTML, PHP and MySQL, and cryptographic hashing function SHA-512 is used in the coding. Our experimental results show that the proposed scheme achieves very high level of security gain with negligible amount of time overheads compared to the conventional methods

show abstract

“…SQL Injection Attacks can be done in various ways like using UNION keyword, Tautology condition, Group by Having Clause etc. There are also various ways of performing such attacks which are discussed in [4], [5], and [7] by different authors.…”

Section: Sql Injectionmentioning

confidence: 99%

“…The single quote ( ' ) symbol indicates the end of string, and (--) symbol is used as a comment which successfully terminates the query without generating any error. Because of this, the whole query will return true for Query result variable [4], which authenticates the user without checking password.…”

Section: Sql Injectionmentioning

confidence: 99%

“…Injection attacks are the result of a Web application sending untrusted data to the server. The most common attack occurs from malicious code being inserted into a string which is sent to the SQL Server for execution [1,4]. This attack, known as SQL Injection, allows the attacker to access data from the database, which can be stolen or manipulated.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

CIDT: Detection of Malicious Code Injection Attacks on Web Application

Choudhary¹,

Dhore²

2012

IJCA

View full text Add to dashboard Cite

Security is one of the major concerns in communication networks and other online Internet based services, which are becoming pervasive in all kinds of domains like business, government, and society. Network security involves activities that all organizations, enterprises, and institutions undertake to protect the value and usability of their assets and to maintain the integrity and continuity of operations that are performed at their end. Network security exists on all the different layers of an OSI model, Application-level web security comes at the application layer and it refers to vulnerabilities inherent in the code of a web-application itself irrespective of the technologies in which it is implemented. Security in web applications is becoming very important because of the real time transactions that are required over the internet these days. Various attacks are carried out on the web applications and behind every attack; there is vulnerability of some types or the other. Now-a-days application-level vulnerabilities have been exploited with serious consequences: E-commerce sites are tricked by attackers and they lead into shipping goods for no charge, usernames and passwords have been cracked, and confidential and important credentials of users have been leaked. SQL Injection attacks and Cross-Site Scripting attacks are the two most common attacks on web application. Proposed method is a new policy based Proxy Agent, which classifies the request as a scripted request, or query based request, and then, detects the respective type of attack, if any in the request. This method detects both SQL injection attack as well as the Cross-Site Scripting attacks.

show abstract

A novel method for SQL injection attack detection based on removing SQL query attribute values

Cited by 113 publications

References 12 publications

New Strategy for Mitigating of SQL Injection Attack

New Strategy for Mitigating of SQL Injection Attack

Multi-hashing for Protecting Web Applications from SQL Injection Attacks

CIDT: Detection of Malicious Code Injection Attacks on Web Application

Contact Info

Product

Resources

About