Abstract

SQL Injection (SQLi) attacks continue to pose significant threats to modern web applications, compromising data integrity and confidentiality. This research delves into the development and evaluation of methodologies designed to detect and mitigate these malicious attacks. Employing a diverse set of web applications, the study unfolds in a controlled environment, simulating real-world conditions to assess the effectiveness of current defense mechanisms against SQLi. Building upon this baseline, the research introduces a two-pronged defense mechanism: a Static Analysis Tool to pre-emptively identify vulnerabilities in application code and a Runtime Query Sanitizer that employs rule-based patterns and machine learning models to scrutinize and sanitize SQL queries in real-time. Performance evaluation metrics, encompassing detection rate, false positives, response time, and machine learning efficiency, are meticulously documented. Further robustness of these mechanisms is ascertained through real-world simulations involving unsuspecting users and ethical hackers. Initial results indicate promising potential for the introduced methodologies in safeguarding web applications against SQLi attacks. The study's findings serve as a critical step towards fortifying web applications, emphasizing the amalgamation of static analysis and real-time query sanitization as an effective countermeasure against SQLi threats.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.