Abstract
Web applications have become widely pervasive in all types of Internet-based services. Thus, security is one of the major concerns as most web applications suffer from vulnerabilities, making them attractive targets for security attacks. Structured Query Language Injection Attack (SQLIA) on stored procedures poses serious threats in the underlying database of any application. This article presents the methodological issues of developing a web application SQLI protector tool to detect stored procedures of SQLIAs. Our technique uses real-time settings based on positive tainting approach, accurate and efficient taint propagation and syntax-aware evaluation of the query strings at the application level are used to detect illegal queries before they reach the database. Then, the proposed tool is evaluated based on its efficiency and effectiveness in practices. In addition, detection techniques used are also analysed. The developed tool is effective given its capability to detect and stop all SQLIAs in a real-time environment.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Internet Technology and Secured Transactions
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
