• Login
    • University Home
    • Library Home
    • Lib Catalogue
    • Advance Search
    View Item 
    •   IR@KDU Home
    • INTERNATIONAL RESEARCH CONFERENCE ARTICLES (KDU IRC)
    • 2021 IRC Articles
    • Computing
    • View Item
    •   IR@KDU Home
    • INTERNATIONAL RESEARCH CONFERENCE ARTICLES (KDU IRC)
    • 2021 IRC Articles
    • Computing
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    SQL Injection Detection and Prevention Solution for Web Applications

    Thumbnail
    View/Open
    44.pdf (827.8Kb)
    Date
    2021
    Author
    Ariyathilake, GJM
    Sandeepanie, MHR
    Rupasinghe, PL
    Metadata
    Show full item record
    Abstract
    Presently, the most highly used method of global communication is web applications. It is used for long-distance communication, online marketing, health services, research and development, distance learning, e-banking and social media networks. Since web applications are available for global community with access for anyone at any time, web applications are confronted with numerous challenges that comprise of security issues, specifically owing to web-based cyber-attacks. The SQL injection attack is the most prevailing global web-based cyber-attack, and it belongs to high rank classifications. Because of the increased number of global online services with a high rate of cyber-attacks, SQL injection attacks also are amplified rapidly. Most of the SQL injection attacks are successful, due to lack of proper validation. However, a successful SQL injection attack highly interferes with integrity, availability and confidentiality of the data in the databases. Therefore, there is a vital global requirement to overcome SQL injection attacks. Towards overcoming predominant issues, a periodically and continuously running PHP based programme, which is able to identify patterns of SQL injection attacks recorded in PHP Apache log files, and is capable to block the identified suspicious IP addresses was designed as the adopted methodology. In this empirical research, statistics of total suspicious IP addresses and blacklisted IP addresses with their hitting counts and time were obtained, while preventing access of blacklisted IP addresses to the Apache web server. The proposed solution facilitates for continuous monitoring of suspicious activities, while blocking vulnerable hosts using its IP addresses automatically with securing web servers from the SQL injection attack.
    URI
    http://ir.kdu.ac.lk/handle/345/5253
    Collections
    • Computing [62]

    Library copyright © 2017  General Sir John Kotelawala Defence University, Sri Lanka
    Contact Us | Send Feedback
     

     

    Browse

    All of IR@KDUCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsFacultyDocument TypeThis CollectionBy Issue DateAuthorsTitlesSubjectsFacultyDocument Type

    My Account

    LoginRegister

    Library copyright © 2017  General Sir John Kotelawala Defence University, Sri Lanka
    Contact Us | Send Feedback