Abstrait

An Effective Approach for Detecting and Preventing Sqlinjection Attacks

M. Roslinmary, S. Sivasakthi, A. Shenbaga Bharatha Priya

Many software systems have evolved to include a Web-based component that makes them available to the public via the Internet and can expose them to a variety of Web-based attacks mainly SQL-Injection attack. SQLInjection attack will give attackers unrestricted access to the database. SQL-Injection Preventer prevents various set of database attacks and also security problems related to input validation. This is a highly automated approach for protecting the web applications against SQL-Injection and it has more practical advantages than that of existing techniques. For example, usage of defensive coding practices in most of existing systems. This technique is precise and efficient and has minimum deployment requirements. The methodologies used behind this approach are positive tainting and flexible syntax aware evaluation. Positive tainting marks and tracks certain data in a program at run time. This project is implemented on credit card based application that prevents unauthorized access to the database by attackers and also provide proper relevant transaction needed by the user.

Avertissement: Ce résumé a été traduit à l'aide d'outils d'intelligence artificielle et n'a pas encore été examiné ni vérifié