Program Analysis For Database Injections
Journal Title: INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY - Year 2017, Vol 16, Issue 6
Abstract
Today businesses all around the world use databases in many different ways to store sensitive data. It is important that the data stored stay safe and does not get into the wrong hands. To perform data management in a database, the language SQL (Structured Query Language) can be used. It is extremely crucial to prevent these databases from being attacked to ensure the security of the users’ sensitive and private data. This journal will focus on the most common way hackers exploit data from databases through SQL injection, and it presents dynamic and static code testing to find and prevent these SQL cyber attacks by comparing two testing tools. It will also present a comparative analysis and static/dynamic code testing of two SQL injection detection tools. Burp Suite and Vega will be used to identify possible flaws in test cases dealing with users’ sensitive and private information. Currently, there are no comparisons of these two open-source tools to quantify the number of flaws these two tools are able to detect. Also, there are no detailed papers found fully testing the open-source Burp Suite and Vega for SQL Injection. These two open-source tools are commonly used but have not been tested enough. A static analyzer detecting SQL Injection will be used to test and compare the results of the dynamic analyzer. In addition, this paper will suggest techniques and methods to ensure the security of sensitive data from SQL injection. The prevention of SQL injection is imperative and it is crucial to secure the sensitive data from potential hackers who want to exploit it.
Authors and Affiliations
Chelsea Ramsingh, Paolina Centonze
Keywords
Related Articles
- EP ID EP650953
- DOI 10.24297/ijct.v16i6.6332
- Views 68
- Downloads 0
MODEL OF PERCEIVED INFLUENCE OF ACADEMIC PERFORMANCE USING SOCIAL NETWORKING
Social networking sites have created a new social dimension where individuals can increase their social awareness by keeping in touch with old friends, making new friends, getting new data or products and gathering infor...
Understanding and Elevating Web Practice Through Web Analytics Final
Web analytics is the measurement, collection, analysis and summarizing of internet data for purposes of understanding and optimizing web usage. To check the web analytics the website IJCT is considered. This paper is the...
Continuously Moving Objects Framework to Monitor Result Changes of Spatio Temporal Queries using Data Stream Management System
In this paper the concept of safe limit in the framework for continuously moving objects to monitor result changes of spatio temporal queries has been proposed. In this framework the movement of the moving object is moni...
Improve Enterprise Search using pattern matching and web mining techniques for E-Commerce Website
With the extensive expansion in the number of E-commerce websites, applying Web Usage Mining techniques to improve business is imperative. Also, employee as well as visitor satisfaction is important for an enterprise. Th...
SW-SDF based privacy preserving data classification
The core objective of privacy preserving data mining is to preserve the confidentiality of individual even after mining. The basic advantage of personalized privacy preservation is that the information loss is very less...