Abstract

SQL injection attack (SQLIA) is considered one of the threats most used to attack web applications. Attackers use SQL injection vulnerabilities to gain ultimate access to the databases that belong to applications and expose their sensitive information. They also use these vulnerabilities to manipulate data, and an injection could be used to take full control of the target machine. Accordingly, several methods have been proposed in the literature to address this vulnerability because of its importance and high impact on the security of web applications. We propose a model to detect and prevent SQL injection attacks that uses runtime validation to detect the occurrence of such attacks. The proposed model is adaptable to any existing system, with no need to modify the client or server and no need to know the web application's source code. This independence from modification is achieved by adding middleware between the client and the server. All checks are performed on this middleware, which acts as a proxy that sanitizes inputs to detect and prevent SQLIA. The accuracy of the proposed model reaches 86.6% for detecting and preventing SQLIA.
