Impact analysis of preventing cross site scripting and SQL injection attacks on web application

Rathod Mahesh Pandurang, D. Karia
Published in: 2015 IEEE Bombay Section Symposium (IBSS), 2015-09-01
DOI: 10.1109/IBSS.2015.7456668 (https://doi.org/10.1109/IBSS.2015.7456668)
Citations: 11

Abstract

Web applications provide a very wide range of facilities to their users. As the usability and popularity of web applications have expanded, various types of attacks against them have followed. SQL injection and XSS (cross-site scripting) are among the best-known attacks used to exploit web applications. An SQL injection attack targets the web application's database and may cause database alteration or disclosure of vital details, while XSS is a further threat in which a malicious user manipulates input data, which may lead to modification of how a web page is displayed or to redirection of the user to the attacker's working space. The proposed intrusion detection system is a container-based approach built on a mapping model, in which a request-to-query mapping is applied to recognise and prevent this class of attacks. The container-based approach is used to identify two different client requests. The impact of this container-based approach on the web server is measured using the http_load and autobench tools. Web application performance under the container-based approach is measured on parameters such as average page time, pages per second, memory and processing time, and compared with the existing approach.