Abstract:
With the web advancements are rapidly developing,
the greater part of individuals makes their transactions on
web, for example, searching through data, banking,
shopping, managing, overseeing and controlling dam and
business exchanges, etc. Web applications have gotten fit to
numerous individuals' day by day lives activities. Dangers
pertinent to web applications have expanded to huge
development. Presently a day, the more the quantity of
vulnerabilities will be diminished, the more the quantity of
threats become to increment. Structured Query Language
Injection Attack (SQLIA) is one of the incredible dangers of
web applications threats. Lack of input validation
vulnerabilities where cause to SQL injection attack on web.
SQLIA is a malicious activity that takes negated SQL
statement to misuse data-driven applications. This
vulnerability admits an attacker to comply crafted input to
disclosure with the application’s interaction with back-end
databases. Therefore, the attacker can gain access to the
database by inserting, modifying or deleting critical
information without legitimate approval. The paper presents
an approach which detects a query token with reserved
words-based lexicon to detect SQLIA. The approach
consists of two highlights: the first one creates lexicon and
the second step tokenizes the input query statement and
each string token was detected to predefined words lexicon
to prevent SQLIA. In this paper, detection and prevention
technologies of SQL injection attacks are experimented and
the result are satisfactory.
