Show simple item record

dc.contributor.authorAriyathilake, GJM
dc.contributor.authorSandeepanie, MHR
dc.contributor.authorRupasinghe, PL
dc.date.accessioned2021-12-27T06:36:20Z
dc.date.available2021-12-27T06:36:20Z
dc.date.issued2021
dc.identifier.urihttp://ir.kdu.ac.lk/handle/345/5253
dc.description.abstractPresently, the most highly used method of global communication is web applications. It is used for long-distance communication, online marketing, health services, research and development, distance learning, e-banking and social media networks. Since web applications are available for global community with access for anyone at any time, web applications are confronted with numerous challenges that comprise of security issues, specifically owing to web-based cyber-attacks. The SQL injection attack is the most prevailing global web-based cyber-attack, and it belongs to high rank classifications. Because of the increased number of global online services with a high rate of cyber-attacks, SQL injection attacks also are amplified rapidly. Most of the SQL injection attacks are successful, due to lack of proper validation. However, a successful SQL injection attack highly interferes with integrity, availability and confidentiality of the data in the databases. Therefore, there is a vital global requirement to overcome SQL injection attacks. Towards overcoming predominant issues, a periodically and continuously running PHP based programme, which is able to identify patterns of SQL injection attacks recorded in PHP Apache log files, and is capable to block the identified suspicious IP addresses was designed as the adopted methodology. In this empirical research, statistics of total suspicious IP addresses and blacklisted IP addresses with their hitting counts and time were obtained, while preventing access of blacklisted IP addresses to the Apache web server. The proposed solution facilitates for continuous monitoring of suspicious activities, while blocking vulnerable hosts using its IP addresses automatically with securing web servers from the SQL injection attack.en_US
dc.language.isoenen_US
dc.subjectSQL injection attacksen_US
dc.subjectweb applicationsen_US
dc.subjectcommunicationen_US
dc.titleSQL Injection Detection and Prevention Solution for Web Applicationsen_US
dc.typeArticle Full Texten_US
dc.identifier.journalKDU IRC, 2021en_US
dc.identifier.issueFaculty of Computingen_US
dc.identifier.pgnos381-397en_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record