Study On SQL Injection Attacks: Detection And Prevention

Apply

Study On SQL Injection Attacks: Detection And Prevention

Journal Title: International Journal for Research in Applied Science and Engineering Technology (IJRASET) - Year 2017, Vol 5, Issue 7

Abstract

SQL injection also referred to as SQLI in short. It is the most dangerous way in which our data can be hacked. Hackers can get to our databases prudently through Web Interface and can delete, modify the important content of database. The principle behind SQL Injection is very simple, but utter dangerous and powerful. When the application takes input from user through any form etc. the malicious users get opportunity to enter the diligently crafted data which will be interpreted as the SQL query instead of the data. This query will extract the database details and will let the doors wide open for the opportunists to misuse the data. Not only database modification of database, this will let the hackers to get unauthorized access to the application services also. Injection attack is at the first place of the top 10 web attacks that are executed in 2013. SQL injection is a method for exploiting web applications that use client supplied data in SQL queries. SQL Injection refers to the technique of inserting SQL meta characters and commands into Web based input fields in order to manipulate the execution of the backend SQL queries. The occurrence of SQLI is triggered when hacker changes the functioning of query by inserting SQL commands. Our goal is to implement different SQLI attacks and through the results we will see how important data is compromised by changing the query. This loss of data can cause a company to lose in millions. We will try to analyse various attacks in order to get an in depth knowledge of how these attacks work.

Authors and Affiliations

Rishab Garg, Priya Gupta, Rohan Kr Sachdeva

Keywords

SQLI; intrusion; attacks; database; scanning; vulnerability

EP ID EP24833
DOI -
Views 447
Downloads 14