Program Analysis For Database Injections
Journal Title: INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY - Year 2017, Vol 16, Issue 6
Abstract
Today businesses all around the world use databases in many different ways to store sensitive data. It is important that the data stored stay safe and does not get into the wrong hands. To perform data management in a database, the language SQL (Structured Query Language) can be used. It is extremely crucial to prevent these databases from being attacked to ensure the security of the users’ sensitive and private data. This journal will focus on the most common way hackers exploit data from databases through SQL injection, and it presents dynamic and static code testing to find and prevent these SQL cyber attacks by comparing two testing tools. It will also present a comparative analysis and static/dynamic code testing of two SQL injection detection tools. Burp Suite and Vega will be used to identify possible flaws in test cases dealing with users’ sensitive and private information. Currently, there are no comparisons of these two open-source tools to quantify the number of flaws these two tools are able to detect. Also, there are no detailed papers found fully testing the open-source Burp Suite and Vega for SQL Injection. These two open-source tools are commonly used but have not been tested enough. A static analyzer detecting SQL Injection will be used to test and compare the results of the dynamic analyzer. In addition, this paper will suggest techniques and methods to ensure the security of sensitive data from SQL injection. The prevention of SQL injection is imperative and it is crucial to secure the sensitive data from potential hackers who want to exploit it.
Authors and Affiliations
Chelsea Ramsingh, Paolina Centonze
Keywords
Related Articles
- EP ID EP650953
- DOI 10.24297/ijct.v16i6.6332
- Views 60
- Downloads 0
Review on Software Testing Model Approach for Efficient Bug Finding With Yin-Yang Testing Theory
Model Selection for Software testing is very important prospective in various product accuracy. Through research on software testing model selection, seeking the most appropriate testing method to achieve most reasonable...
Enhanced Tiny Encryption Algorithm with Embedding (ETEA)
As computer systems become more pervasive and complex, security is increasingly important. Secure Transmission refers to the transfer of data such as confidential or proprietary information over a secure channel. Many se...
A PREDICTIVE CODING METHOD FOR LOSSLESS COMPRESSION OF IMAGES
Images are an important part of today's digital world. However, due to the large quantity of data needed to represent modern imagery the storage of such data can be expensive. Thus, work on efficient image storage (image...
An Overview of Data Analysis of EMR, Its Clinical Ontologies & Security in Database with respect to Todays Ehealth Apps
The convergence of the information and communication technology (ICT) has produced many exciting possibilities for developing new services in medical field for the citizens. Electronic medical records (EMRs) are used in...
Face Detection & Recognition using Tensor Flow: A Review
Face recognition has become a popular topic of research recently due to increases in demand for security as well as the rapid development of mobile devices. There are many applications which face recognition can be appli...