Study On SQL Injection Attacks: Detection And Prevention

Abstract

SQL injection, also referred to as SQLI for short, is the most dangerous way in which our data can be hacked. Hackers can reach our databases through the web interface and can delete or modify important database content. The principle behind SQL injection is very simple, but utterly dangerous and powerful. When an application takes input from the user through a form or similar, malicious users get the opportunity to enter carefully crafted data that will be interpreted as SQL query text instead of as data. Such a query will extract database details and leave the door wide open for opportunists to misuse the data. Beyond modification of the database, it also lets hackers gain unauthorized access to the application's services. Injection attacks were in first place among the top 10 web attacks executed in 2013. SQL injection is a method for exploiting web applications that use client-supplied data in SQL queries. It refers to the technique of inserting SQL metacharacters and commands into web-based input fields in order to manipulate the execution of the back-end SQL queries. SQLI occurs when a hacker changes the functioning of a query by inserting SQL commands. Our goal is to implement different SQLI attacks and, through the results, see how important data is compromised by changing the query. This loss of data can cause a company to lose millions. We will try to analyse various attacks in order to gain in-depth knowledge of how these attacks work.

Authors and Affiliations

Rishab Garg, Priya Gupta, Rohan Kr Sachdeva

How To Cite

Rishab Garg, Priya Gupta, Rohan Kr Sachdeva (2017). Study On SQL Injection Attacks: Detection And Prevention. International Journal for Research in Applied Science and Engineering Technology (IJRASET), 5(7), -. https://europub.co.uk/articles/-A-24833