SQL Injection Attack Detection Based on Similarity Matching Between Vectors Extracted From Design Time and Run-Time Queries

Journal Title: International Journal of Experimental Research and Review - Year 2024, Vol 42, Issue 6

Abstract

Everyone uses web-based applications to carry out daily business and personal tasks. These applications are vulnerable to attack by hackers, who may also misuse the data. The most serious attack on digital platforms, with the greatest damaging potential, is the structured query language injection attack (SQLiA). If SQLiA manages to breach security protections, the backend databases could be corrupted or destroyed. Using SQLiA tactics, hackers can gain unauthorized access, steal important data, and take over the network completely or partially. An automatic SQL injection prevention and detection technique is needed to safeguard web-based applications from SQLiA. This research proposes a novel similarity-matching algorithm for vectors extracted from design-time and run-time queries. The technique assigns weights to the different SQL keywords used in the design-time and run-time queries, and a design-time vector and a run-time vector are then created from the respective queries. The similarity between the design-time vector and the run-time vector is determined by calculating the angle between the two vectors. If this angle of deviation is zero, the query is concluded to contain no SQL injection; otherwise, it indicates the existence of an SQLiA vulnerability. The proposed algorithm is validated against the GitHub dataset. In the first dataset, out of 1300 injected queries, the proposed method identifies 1219 injected queries; out of 300 normal queries, it identifies 290 normal queries, with 93.76% and 96.66% detection accuracy, respectively. Similarly, for the second dataset, out of 10489 injected queries, it identifies 10280 injected queries, and out of 301 normal queries, it identifies 280 normal queries, with 98.01% and 93.02% detection accuracy, respectively.
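The comparison the abstract describes, sketched as an added example (not the authors' code). The keyword weights, the tracked keyword set, the stripping of literals before counting and the tolerance are assumptions, since the abstract specifies none of them; all sample queries are constructed.

```python
import math
import re

# Assumed keyword weights; the abstract does not list the paper's values.
WEIGHTS = {"SELECT": 1.0, "FROM": 1.0, "WHERE": 1.0, "AND": 2.0, "OR": 3.0,
           "UNION": 4.0, "INSERT": 2.0, "UPDATE": 2.0, "DELETE": 3.0,
           "DROP": 5.0, "=": 1.0, ";": 4.0, "--": 4.0}
DIMS = sorted(WEIGHTS)                       # fixed order of vector dimensions
TOKEN = re.compile(r"--|[=;]|[A-Za-z_]+")    # comment marker, operators, words
LITERAL = re.compile(r"'[^']*'|\b\d+\b")     # quoted strings and bare numbers


def query_vector(sql):
    """Weighted count of each tracked keyword. Literals are removed first
    (assumption) so ordinary parameter values do not move the vector."""
    skeleton = LITERAL.sub(" ", sql)
    counts = dict.fromkeys(DIMS, 0)
    for tok in TOKEN.findall(skeleton):
        tok = tok.upper()
        if tok in counts:
            counts[tok] += 1
    return [WEIGHTS[k] * counts[k] for k in DIMS]


def deviation_angle(design_sql, runtime_sql):
    """Angle in degrees between the design-time and run-time vectors."""
    a, b = query_vector(design_sql), query_vector(runtime_sql)
    norm = math.sqrt(sum(x * x for x in a) * sum(y * y for y in b))
    if norm == 0:                            # at least one vector is all zeros
        return 0.0 if a == b else 90.0
    cos = sum(x * y for x, y in zip(a, b)) / norm
    return math.degrees(math.acos(max(-1.0, min(1.0, cos))))


def is_injection(design_sql, runtime_sql, tol=1e-3):
    """Flag any deviation above a small tolerance for floating-point error."""
    return deviation_angle(design_sql, runtime_sql) > tol


# Constructed samples: design-time template, benign run, tautology run.
DESIGN = "SELECT * FROM users WHERE name = '?' AND pass = '?'"
BENIGN = "SELECT * FROM users WHERE name = 'alice' AND pass = 's3cret'"
TAUTOLOGY = "SELECT * FROM users WHERE name = '' OR '1'='1' --' AND pass = ''"

if __name__ == "__main__":
    for run in (BENIGN, TAUTOLOGY):
        print(f"{deviation_angle(DESIGN, run):7.2f} deg  {is_injection(DESIGN, run)}")
```

Because an angle ignores vector length, a run-time query that repeats every tracked keyword in the same proportion as the design-time query would still score zero; tracking `;` and `--` as dimensions is what makes a stacked or truncated statement change direction in this sketch.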

Authors and Affiliations

Jayanto Kumar Chowdhury, Dilip Kumar Yadav, Chandra Mouli P. V. S. S. R

  • EP ID EP743567
  • DOI 10.52756/ijerr.2024.v42.001

How To Cite

Jayanto Kumar Chowdhury, Dilip Kumar Yadav, Chandra Mouli P. V. S. S. R (2024). SQL Injection Attack Detection Based on Similarity Matching Between Vectors Extracted From Design Time and Run-Time Queries. International Journal of Experimental Research and Review, 42(6), -. https://europub.co.uk/articles/-A-743567