期刊名称:International Journal of Computer Science and Information Technologies
电子版ISSN:0975-9646
出版年度:2016
卷号:7
期号:2
页码:566-569
出版社:TechScience Publications
摘要:Web applications are used tremendously now-adaysas a means of dissemination for online services havingfinancial consequences such as online payment of bills, ebanking,e-commerce etc. Social networking, emails, ecommercecompanies, needs high security, confidentiality,integrity to availability to keep sensitive data. In order toprotect these data from unauthorized access the system mustbe configure and programming in a manner that it’s ensurethe trustworthiness for storing and publishing of information.SQL Injection Attacks (SQLIAs) is technique in which aportion of malicious SQL query segment is injected as a userinput which could result to obtain unrestricted access toconfidential information from database. In this paper we willdiscuss different type of SQLIAs technique and error messagegiven by database server when attackers apply illegal queryfor the same. And, proposed a novel technique to defendSQLIAs at different level after comparing runtime errormessage given by database server. If same Internet Protocol(IP) address is used for code injection numbers of time then itbuild a protective layer which reduce the data leakage andblock the IP address.
关键词:Structure Query Language (SQL); Structure;Query Language Injection Attacks (SQLIAs); Internet;Protocol (IP) Address; Vulnerabilities; Web Application; Web;Security.