dc.description.abstract | Presently, the most highly used
method of global communication is web
applications. It is used for long-distance
communication, online marketing, health
services, research and development, distance
learning, e-banking and social media networks.
Since web applications are available for global
community with access for anyone at any time,
web applications are confronted with numerous
challenges that comprise of security issues,
specifically owing to web-based cyber-attacks.
The SQL injection attack is the most prevailing
global web-based cyber-attack, and it belongs to
high rank classifications. Because of the
increased number of global online services with
a high rate of cyber-attacks, SQL injection attacks
also are amplified rapidly. Most of the SQL
injection attacks are successful, due to lack of
proper validation. However, a successful SQL
injection attack highly interferes with integrity,
availability and confidentiality of the data in the
databases. Therefore, there is a vital global
requirement to overcome SQL injection attacks.
Towards overcoming predominant issues, a
periodically and continuously running PHP based
programme, which is able to identify patterns of
SQL injection attacks recorded in PHP Apache log
files, and is capable to block the identified
suspicious IP addresses was designed as the
adopted methodology. In this empirical research,
statistics of total suspicious IP addresses and
blacklisted IP addresses with their hitting counts
and time were obtained, while preventing access
of blacklisted IP addresses to the Apache web
server. The proposed solution facilitates for
continuous monitoring of suspicious activities,
while blocking vulnerable hosts using its IP
addresses automatically with securing web
servers from the SQL injection attack. | en_US |