C-Queued Technique against SQL injection attack
Main Article Content
Abstract
Web application is the great need of modernization, with the increase of web application grow, attacks have been manufactured. Among all attacks, SQL Injection is a most disastrous threat which destroys and even gains the complete accessibility of backend applications. Queries which are made dynamically after the user supplied input is highly susceptible to Injection .By providing the Single quotes, double quotes, double dashes, semicolon, tautology and other vulnerabilities inputs he could misconfigure or modify the contents of the underlying database of a web application. We proposed a concept to detect SQL injection attacks by Parsing the SQL Query into tokens (chunks of SQL queries). When attacker is making SQL injection he will use attacking tricks in his input. Our method consists of parsing of original query and a query with injection separately, the tokens are formed they all make a Circular-Link-List for which every token is an element of the circular link list. Two circular-link-lists resulting from both original query and a query with injection are obtained and their node-to-node is compared to detect whether there is injection or not. By checking the list-node cycle address and node-to-node comparison, the result would be made that, there is injection or not.
Â
Â
Keywords: Database security, SQL injection, Authentication Introduction.
Downloads
Article Details
COPYRIGHT
Submission of a manuscript implies: that the work described has not been published before, that it is not under consideration for publication elsewhere; that if and when the manuscript is accepted for publication, the authors agree to automatic transfer of the copyright to the publisher.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work
- The journal allows the author(s) to retain publishing rights without restrictions.
- The journal allows the author(s) to hold the copyright without restrictions.