UCSY's Research Repository

A Detection and Prevention Technique on SQL Injection Attacks

Show simple item record

dc.contributor.author Hlaing, Zar Chi Su Su
dc.contributor.author Khaing, Myo
dc.date.accessioned 2020-03-13T05:57:14Z
dc.date.available 2020-03-13T05:57:14Z
dc.date.issued 2020-02-28
dc.identifier.citation 10.1109/ICCA49400.2020.9022833 en_US
dc.identifier.isbn 978-1-7281-5925-6
dc.identifier.uri http://onlineresource.ucsy.edu.mm/handle/123456789/2502
dc.description.abstract With the web advancements are rapidly developing, the greater part of individuals makes their transactions on web, for example, searching through data, banking, shopping, managing, overseeing and controlling dam and business exchanges, etc. Web applications have gotten fit to numerous individuals' day by day lives activities. Dangers pertinent to web applications have expanded to huge development. Presently a day, the more the quantity of vulnerabilities will be diminished, the more the quantity of threats become to increment. Structured Query Language Injection Attack (SQLIA) is one of the incredible dangers of web applications threats. Lack of input validation vulnerabilities where cause to SQL injection attack on web. SQLIA is a malicious activity that takes negated SQL statement to misuse data-driven applications. This vulnerability admits an attacker to comply crafted input to disclosure with the application’s interaction with back-end databases. Therefore, the attacker can gain access to the database by inserting, modifying or deleting critical information without legitimate approval. The paper presents an approach which detects a query token with reserved words-based lexicon to detect SQLIA. The approach consists of two highlights: the first one creates lexicon and the second step tokenizes the input query statement and each string token was detected to predefined words lexicon to prevent SQLIA. In this paper, detection and prevention technologies of SQL injection attacks are experimented and the result are satisfactory. en_US
dc.language.iso en en_US
dc.publisher Proceedings of the Eighteenth International Conference On Computer Applications (ICCA 2020) en_US
dc.subject SQL Injection Attack en_US
dc.subject Web applications en_US
dc.subject Malicious activity en_US
dc.subject Vulnerabilities en_US
dc.subject Input validation en_US
dc.title A Detection and Prevention Technique on SQL Injection Attacks en_US
dc.type Article en_US


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search Repository



Browse

My Account

Statistics