Abstract
SQL injection is one of the most destructive network attacks that can lead to information leakage from the database including username, password, addresses, phone number and credit card statement and so on. This information may lead to huge loss to commercial vendor, and even threaten to the national security. In this paper we put forward a novel approach in which we define a new role called smart-driver that located between the web application and the back-end database. The smart-driver will only give normal users the information belonging to them by distributing a random number to the users as their identifier or reject masquerade behavior of invalid users. By analyses, we prove that our method is more safety and can effectively protect our web application.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
