Web Malware that Targets Web Applications

Author(s):  
Ammar Alazab ◽  
Jemal H. Abawajy ◽  
Michael Hobbs

Web applications have steadily increased, making them very important in areas such as financial sectors, e-commerce, e-government, social media networks, medical data, e-business, academic activities, e-banking, e-shopping, and e-mail. However, web application pages support users interacting with the data stored in their website to insert, delete and modify content by making a web site their own space. Unfortunately, these activities have attracted writers of malicious software seeking financial gain, who take advantage of such activities to perform their malicious objectives. This chapter focuses on severe threats to web applications, specifically on Structure Query Language Injection Attack (SQLIA) and Zeus threats. These threats could adopt new obfuscation techniques to evade and thwart countermeasures such as Intrusion Detection Systems (IDS). Furthermore, this work explores and discusses the techniques to detect and prevent web application malware.

2020 ◽  
Vol 27 (2) ◽  
pp. 1-14
Author(s):  
Ann Ablahd ◽  
Suhair Dawwod

At present, web applications are used for most of life's activities. These applications are affected by an attack called Structure Query Language Injection Attack (SQLIA) due to the vulnerabilities of the web application. The vulnerabilities of web applications have increased because most application developers do not attend to security in design. SQL injection is a common attack that infects a web application. The attacker adds Structured Query Language (SQL) code to a web page to access and change victim databases. The vital step in securing the database and detecting such an attack in web apps is preparing a tool. Many researchers propose different ways for detection and prevention of such an attack. In this paper a tool is proposed using a powerful micro-framework web application designer called Flask in Python 3.7 to detect and prevent such attacks. The proposed system is called SQLIAD. SQLIAD analyzed a web application on-line.


2019 ◽  
Vol 8 (3) ◽  
pp. 7759-7766

Injection in SQL (structure query language) is one of the threats to web-based apps, mobile apps and even desktop applications associated with a database. An effective SQL Injection Attack (SQLIA) could have severe implications for the victimized organization, including economic loss, loss of reputation, enforcement and infringement of regulations. Systems that do not validate user input correctly are susceptible to SQL injection. SQLIA happens once an attacker can incorporate a sequence of harmful SQL commands into a request, changing the back-end database through user information. Using this sort of attack, the attacker may readily hack applications and grab private information. In this article we introduce different sorts of processes to safeguard against current SQLIA methods, and instruments that are used in ASP.NET apps to detect or stop these attacks.


2015 ◽  
Vol 9 (2) ◽  
pp. 328-336 ◽  
Author(s):  
Liang Wu ◽  
Zhanlong Chen ◽  
Xincai Wu ◽  
Zhong Xie

Author(s):  
Muhammad Saidu Aliero ◽  
Kashif Naseer Qureshi ◽  
Muhammad Fermi Pasha ◽  
Awais Ahmad ◽  
Gwanggil Jeon

Sebatik ◽  
2021 ◽  
Vol 25 (2) ◽  
pp. 624-631
Author(s):  
Suprianto Suprianto ◽  
Muhammad Fadlan ◽  
Denis Prayogi

A Point of Sale application, commonly called POS, is an application that can assist the sales transaction process, such as in a store where buying and selling generally take place. The Project Salfa store, which operates in sales and service provision, currently still uses manual record-keeping for every transaction, which makes it difficult for the owner to compile recapitulations of sales and income reports. This research builds a POS application based on the store owner's needs, using the Waterfall model for the design and development of the application. Applying the Waterfall model produced an application with features that match the store owner's needs, such as recording data on goods, members, sellers, sales transactions and expenses, as well as reports of those transactions, which are recorded as cash entries in the POS application. The application is web-based to ease future development, using the PHP (Hypertext Pre-processor) programming language and a network-based database such as MySQL (My Structure Query Language).


Author(s):  
Ahmad Hammoud ◽  
Ramzi A. Haraty

Most Web developers underestimate the risk and the level of damage that might be caused when Web applications are vulnerable to SQL (structured query language) injections. Unfortunately, Web applications with such vulnerability constitute a large part of today’s Web application landscape. This article aims at highlighting the risk of SQL injection attacks and provides an efficient solution.

