期刊名称:International Journal of Computer Science and Network Security
印刷版ISSN:1738-7906
出版年度:2019
卷号:19
期号:8
页码:91-97
出版社:International Journal of Computer Science and Network Security
摘要:SQL Injection Attack (SQLIA) is a hot issue now a days in web applications and databases. SQL Injection ignores the authentication checks and affects the confidentiality of the database. SQLIA helps the invader to get the unauthorized access of the whole database and manipulate it. The existing tools and techniques like SQLRand, CANID, AMNESIA and SQL DOM mainly focus on providing access to the database only to the authenticated users. These tools do not provide complete prevention measures against the SQLIA. In this research, a novel Intrusion Detection and Prevention System (IDPMIA) is introduced. The proposed IDPMIA will detect the malicious queries before execution. Whenever an attacker tries to inject a suspicious query, it would immediately be recognized by IDPMIA and preventive measures will be taken. The proposed approach will be justified through case studies where multiple SQL Injection attacks will be simulated and results will be analyzed using the proposed model and existing state of the art techniques from literature.
关键词:Intrusion Detection & Prevention Model (IDPMIA); SQL; SQLIA
