Abstract

SQL injection (SQLi) attacks present severe risks to applications; they may result in the unintended exposure, modification, corruption, or deletion of information. An error in a single line of code can introduce a vulnerability to an application, compounding the risk. There are a variety of strategies for detecting and mitigating SQLi, including but not limited to output filtering. Output filtering protects a system and its information by validating the records that are returned from the database management system. In this paper, we evaluate the effectiveness of output filtering, which has not yet been examined in the literature. We employ output filtering to protect a custom Web application known to be vulnerable to SQLi attacks. An experiment was performed to determine whether output filtering was able to defend an application against SQLi attacks and to measure the potential performance impact. Results demonstrate that output filtering has the potential to defend against SQLi attacks and has a limited impact on an application's response time.
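A minimal illustration of the output-filtering idea described in the abstract, added here and not taken from the paper: a deliberately injectable lookup whose result set is validated before it is released to the caller. The `accounts` table, the function names and the filter policy (row cap, column types, ownership check) are assumptions chosen for the example.

```python
import sqlite3

class FilterViolation(Exception):
    """Raised when a result set fails output validation."""

def make_db():
    # Constructed sample data, not from the paper.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (id INTEGER, owner TEXT, balance INTEGER)")
    db.executemany("INSERT INTO accounts VALUES (?, ?, ?)",
                   [(1, "alice", 100), (2, "bob", 250), (3, "carol", 75)])
    return db

def lookup_unsafe(db, owner):
    # Deliberately vulnerable: input is concatenated into the statement.
    sql = "SELECT id, owner, balance FROM accounts WHERE owner = '" + owner + "'"
    return db.execute(sql).fetchall()

def output_filter(rows, session_owner, max_rows=1):
    """Validate returned records against an assumed policy before release."""
    if len(rows) > max_rows:
        raise FilterViolation(f"{len(rows)} rows returned, at most {max_rows} expected")
    for row in rows:
        if len(row) != 3:
            raise FilterViolation("unexpected column count")
        rec_id, owner, balance = row
        if not isinstance(rec_id, int) or not isinstance(balance, int):
            raise FilterViolation("unexpected column type")
        if owner != session_owner:
            raise FilterViolation("record belongs to another user")
    return rows

def lookup_filtered(db, owner, session_owner):
    # The query is still injectable; the filter only limits what comes back.
    return output_filter(lookup_unsafe(db, owner), session_owner)

if __name__ == "__main__":
    db = make_db()
    print(lookup_filtered(db, "alice", "alice"))
    tautology = "' OR '1'='1"  # constructed test input
    print(len(lookup_unsafe(db, tautology)), "rows leak without the filter")
    try:
        lookup_filtered(db, tautology, "alice")
    except FilterViolation as exc:
        print("blocked:", exc)
```

A filter of this kind constrains what a manipulated query can return; it does not stop injected statements that modify data, so it complements parameterized queries rather than replacing them.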
