Sql-Injection Tool for finding the Vulnerability and Automatic Creation of Attacks on JSP
Journal Title: International Journal of Advanced Research in Computer Engineering & Technology(IJARCET) - Year 2012, Vol 1, Issue 9
Abstract
These days’ cyber attacks have become a major concern because these attackers can steal important documents and damage websites and access confidential information and may drive many corporations that conduct their business through the web to suffer financial and reputation damages. Out of all those attacks the most dangerous cyber attack is the Structured Query Language (SQL)-injection attack. This type of attack can be easily made via normal web browsers that we use for surfing the net in our day to day life. A characteristic diagnostic feature of SQL injection attacks is that they change the intended structure of queries issued. Most web application developers do not apply user input validation and they are not aware about the consequences of such practices. Due to these inappropriate programming practices a large room for SQL-injection attack is left open which lure the hackers to steal confidential information from the servers’ database [4]. In order to handle this vulnerability and detect it, we must enhance the coding structure used for web application development and this requires development of a powerful tool that can automatically create SQL-injection attacks using efficient features (different attacking patterns). Our technique for detecting SQL injection is to dynamically mine the programmer - intended query structure on any input, and to detect attacks by comparing them against the intended query structure.
Authors and Affiliations
Praveen Kumar , 2Himanshu Kumar , Remya Joseph
Keywords
Related Articles
- EP ID EP125832
- DOI -
- Views 87
- Downloads 0
“Integrating Heterogeneous Data Sources Using XML”
Nowadays organizations not only are increasing the data volume, but also they have to work with a large variety of data sources with different types of data. The central problem of information sources integration r...
Survey on Data Sharing and Re-Encryption in Cloud
Cloud storage helps enterprises and government agencies significantly reduce their financial overhead of data management, since they can now archive their data backups remotely to third-party cloud storage provider...
WEIGHT ROTATION TECHNIQUE FOR PAPR REDUCTION IN OFDM
In this paper we propose Weight Rotation Technique for peak to- average power ratio (PAPR) reduction in OFDM systems. It is based on selected mapping (SLM) algorithm. The main drawback of the conventional SLM tec...
Modified Dactylogram Sifting
Fingerprint recognition has been with success utilized by enforcement agencies to spot suspects and victims for nearly a hundred years. Recent advances in automated fingerprint identification technology, in addition...
Color Image Segmentationusing Clustering Technique
This work presents image segmentation technique based on colour features with K-means clustering algorithm. In this we did not used any training data. In this paper, we present a simple and efficient implementation...