About SQL Injection Attack

The SQL injection attack (SQLIA) occurred when the attacker integrating a code of a malicious SQL query into a valid query statement via a non-valid input. As a result the relational database management system will trigger these malicious query that cause to SQL injection attack. After successful execution, it may interrupts the CIA (confidentiality, integrity and availability) of web API. The vulnerability of Web Application Programming Interface (API) is the prior concern for any programming. The Web API is mainly based of Simple Object Access Protocol (SOAP) protocol which provide its own security and Representational State Transfer (REST) is provide the architectural style to security measures form transport layer. Most of the time developers or newly programmers does not follow the standards of safe programming and forget to validate their input fields in the form. This vulnerability in the web API opens the door for the threats and it’s become a cake walk for the attacker to exploit the database associated with the web API. The objective of paper is to automate the detection of SQL injection attack and secure the poorly coded web API access through large network traffic. The Snort and Moloch approaches are used to develop the hybrid model for auto detection as well as analyze the SQL injection attack for the prototype system

Download Full-text

WEB APPLICATION PROTECTION AGAINST SQL INJECTION ATTACK

International Journal of Advance Engineering and Research Development ◽

10.21090/ijaerd.020330 ◽

2015 ◽

Vol 2 (03) ◽

Keyword(s):

Web Application ◽

Sql Injection ◽

Sql Injection Attack

Download Full-text

SQL injection attack and guard technical research

Procedia Engineering ◽

10.1016/j.proeng.2011.08.775 ◽

2011 ◽

Vol 15 ◽

pp. 4131-4135 ◽

Cited By ~ 2

Author(s):

Xue Ping-Chen

Keyword(s):

Sql Injection ◽

Technical Research ◽

Sql Injection Attack

Download Full-text

SQL injection attack detection using fingerprints and pattern matching technique

2017 8th IEEE International Conference on Software Engineering and Service Science (ICSESS) ◽

10.1109/icsess.2017.8342983 ◽

2017 ◽

Cited By ~ 5

Author(s):

Benjamin Appiah ◽

Eugene Opoku-Mensah ◽

Zhiguang Qin

Keyword(s):

Pattern Matching ◽

Attack Detection ◽

Sql Injection ◽

Matching Technique ◽

Sql Injection Attack

Download Full-text

SQL Injection Attack Mechanisms and Prevention Techniques

Lecture Notes in Computer Science - Advanced Computing, Networking and Security ◽

10.1007/978-3-642-29280-4_61 ◽

2012 ◽

pp. 524-533 ◽

Cited By ~ 4

Author(s):

Roshni Chandrashekhar ◽

Manoj Mardithaya ◽

Santhi Thilagam ◽

Dipankar Saha

Keyword(s):

Sql Injection ◽

Prevention Techniques ◽

Sql Injection Attack

Download Full-text

SQL Injection Attack Detection: Profiling of Web Application Parameter Using the Sequence Pairwise Alignment

Information Security Applications - Lecture Notes in Computer Science ◽

10.1007/978-3-540-71093-6_6 ◽

2007 ◽

pp. 74-82 ◽

Cited By ~ 2

Author(s):

Jae-Chul Park ◽

Bong-Nam Noh

Keyword(s):

Web Application ◽

Pairwise Alignment ◽

Attack Detection ◽

Sql Injection ◽

Sql Injection Attack

Download Full-text

SQL Injection Attack Detection using Machine Learning Algorithm

2021 5th International Conference on Trends in Electronics and Informatics (ICOEI) ◽

10.1109/icoei51242.2021.9452914 ◽

2021 ◽

Author(s):

A. Sivasangari ◽

J. Jyotsna ◽

K. Pravalika

Keyword(s):

Machine Learning ◽

Learning Algorithm ◽

Attack Detection ◽

Machine Learning Algorithm ◽

Sql Injection ◽

Sql Injection Attack

Download Full-text