期刊名称:International Journal of Computer Science and Information Technologies
电子版ISSN:0975-9646
出版年度:2014
卷号:5
期号:4
页码:5580-5583
出版社:TechScience Publications
摘要:In this era, we are totally dependent on web application like e-banking, e-shopping, online payments of bill etc. Sometime unauthorized users may access confidential data. As a consequence, the users could loss their confidential data or it may face complete destruction There are various type of attacks that can occur by the attacker these are Tautologies, Illegal/logical correct queries, union query, piggy based query, blind injection, timing attack. My method to attack on database is tautologies I implement a mechanism that detect & prevent the SQL injection by incorporating the technique of “CRYPTOGRAPHY HASHING FUNCTION USING MD5 to eliminate SQL Injection vulnerabilities up to some extent. The propose approach is a cryptographic for such attacks. This approach is based on a cryptographic hashfunction, which computes the Hash value of user inputs, finds the database record based on the user inputs and compares the encrypted hash value of the input fields against the hash value of the login information stored in the database. The value of MD5 is considered to be a highly reliable fingerprint that can be used to verify the integrity of the file's contents. If as little as a single bit value in the file is modified, the MD5 value for the file will completely change. Forgery of a file generates the same result in MD5 as that for the original file is considered to be extremely difficult. The MD5 checksums for critical system, application, and data files provides a compact way to store information for use during periodic integrity checks of those files In this way, this proposed approach prevents the SQL injection attacks
关键词:SQL;TYPE of Attacks;MD5;Cryptography hash;function;PHP
