A Secure Methodology to Detect and Prevent Ddos and Sql Injection Attacks

Abstract

As most of the applications host on cloud, Security is a major concern for the data owners. The cloud environment has to be secure and protect data owner data from cloud attacks. In this project work, we study about securing firewall against client side attacks namely Denial of firewall and SQL injection attacks. Denial of firewall is nothing but overloading the firewall by bursting n number of requests through vulnerable scripts. SQL injection attack is defined as bypassing the security protocols by malicious scripts. Thus we proposed to design and develop a web application to detect and prevent denial of firewall and SQL injection attacks.
 The denial of firewall attack can be performed using Java environment based servers and prevention can be performed using Digital Signature Algorithm (DSA) in which filter based approach and software puzzle based approach are performed to detect the malicious script based requests. Once the Deep Packet Inspection (DPI): filter based approach and software puzzle based approach are find satisfactory only the request would be processed. If the request is find malicious automatically the requested IP address would be blocked. Various type of SQL injection attacks namely SQL login bypass, Blind injection, SQL sleep attack, Data fetching attack are analysed and performed. The SQL injection attack can be prevented using PREPARE statements. This statements are created to make the SQL queries more efficient and render security benefits. This statement provides effective prevention mechanism against SQL injection attacks. Thus our proposed solution, provides high security against firewall attacks namely denial of firewall and SQL injection securing the data owner files and preventing compromising of firewall