• Login
    • University Home
    • Library Home
    • Lib Catalogue
    • Advance Search
    View Item 
    •   IR@KDU Home
    • ACADEMIC JOURNALS
    • International Journal of Research in Computing
    • Volume 01 , Issue 02, 2022
    • View Item
    •   IR@KDU Home
    • ACADEMIC JOURNALS
    • International Journal of Research in Computing
    • Volume 01 , Issue 02, 2022
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    SQL Injection Detection and Preventive Approach for Web Applications

    Thumbnail
    View/Open
    SQL injection detection.pdf (1.080Mb)
    Date
    2022-08
    Author
    Ariyathilake, GJM
    Sandeepanie, MHR
    Rupasinghe, PL
    Metadata
    Show full item record
    Abstract
    Presently, the most highly used method of global communication is web applications and used for long-distance communication, online marketing, research and development, distance learning, e-banking and social media networks. Since web applications are available for the global community with access for anyone, web applications confront numerous security issues, specifically due to web-based c yberattacks. The SQL injection attack is the most prevailing web-based cyber-attacks globally, belonging to high-rank classifications. Because of the increased number of global online services with a high rate, SQL injection attacks also are amplified r apidly. Most SQL injection attacks are successful due to a lack of proper validation. However, a successful SQL injection attack highly interferes with databases’ integrity, availability, and confidentiality. Therefore, there is a vital global requirement to overcome SQL injection attacks. Accordingly, there are three key objectives. The first objective is to detect the SQL injection attacks affecting web servers. The second objective is to explore the preventive solution for SQL injection attacks affecting the web servers. The third objective is to share the knowledge on SQL injection attacks with other researchers. Towards overcoming predominant issues, a periodically and continuously running PHP-based programme, which can identify patterns of SQL injection attacks recorded in PHP Apache log files and blocking the identified suspicious IP addresses, was designed as the adopted me thodology. Statistics of total suspicious IP addresses and black listed IP addresses with their hitting counts and time were obtained while preventing access of black listed IP addresses to the Apache webserver. The proposed solution facilitates continuous monitoring of suspicious activities while blocking vulnerable hosts using its IP addresses automatically with securing web servers from the SQL injection attack.
    URI
    http://ir.kdu.ac.lk/handle/345/5768
    Collections
    • Volume 01 , Issue 02, 2022 [5]

    Library copyright © 2017  General Sir John Kotelawala Defence University, Sri Lanka
    Contact Us | Send Feedback
     

     

    Browse

    All of IR@KDUCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsFacultyDocument TypeThis CollectionBy Issue DateAuthorsTitlesSubjectsFacultyDocument Type

    My Account

    LoginRegister

    Library copyright © 2017  General Sir John Kotelawala Defence University, Sri Lanka
    Contact Us | Send Feedback