Low Cost Journal,International Peer Reviewed and Refereed Journals,Fast Paper Publication approved journal IJEDR(ISSN 2321-9939) apply for ugc care approved journal, UGC Approved Journal, ugc approved journal, ugc approved list of journal, ugc care journal, care journal, UGC-CARE list, New UGC-CARE Reference List, UGC CARE Journals, ugc care list of journal, ugc care list 2020, ugc care approved journal, ugc care list 2020, new ugc approved journal in 2020, Low cost research journal, Online international research journal, Peer-reviewed, and Refereed Journals, scholarly journals, impact factor 7.37 (Calculate by google scholar and Semantic Scholar | AI-Powered Research Tool)
INTERNATIONAL JOURNAL OF ENGINEERING DEVELOPMENT AND RESEARCH
(International Peer Reviewed,Refereed, Indexed, Citation Open Access Journal)
ISSN: 2321-9939 | ESTD Year: 2013
Google Scholar Impact Factor- 7.37 (Year 2020)

Current Issue

Call For Papers
June 2023
Volume 11 | Issue 2
Last Date : 29 June 2023
Review Results: Within 12-20 Days

For Authors

Archives

Indexing Partner

Research Area

LICENSE
Paper Details
Paper Title
Comparison Between Various Detection and Prevention Techniques for SQL Injection Attacks
Authors
  Anurekh kumar,  Shobha bhatt

Abstract
In this paper, we present a detailed review on using dynamic queries, there are lots of chances that a user may inject in the query some extra statements that can result in a different database request. Thus SQL injection gives information can be stolen from the database. Most applications are designed in a way that the request of data from database is done through user inputs. An attacker can inject in the original SQL query and obtain, change, or view data for which he does not have permission. The aim of our research is to develop a method that detects and prevents SQL injection attacks by checking whether user inputs cause changes in the query's intended result. We proposed a method to detect SQL injection attacks by using Query tokenization that is implemented by the QueryParser method. When attacker is making SQL injection he should probably use a space, single quotes or double dashes in his input. Our method consists of tokenizing original query and a query with injection separately, the tokenization is performed by detecting a space, single quote or double dashes and all strings before each symbol constitute a token. After tokens are formed they all make an array for which every token is an element of the array. Two arrays resulting from both original query and a query with injection are obtained and their lengths are compared to detect whether there is injection or not. As a result, the access to data can be granted or denied once the lengths of the arrays are the same or different respectively.

Keywords- IndexTerms - Tokenization, SQL Injection Attacks.
Publication Details
Unique Identification Number - IJEDR1503033
Page Number(s) -
Pubished in - Volume 3 | Issue 3 | July 2015
DOI (Digital Object Identifier) -   
Publisher - IJEDR (ISSN - 2321-9939)
Cite this Article
  Anurekh kumar,  Shobha bhatt,   "Comparison Between Various Detection and Prevention Techniques for SQL Injection Attacks", International Journal of Engineering Development and Research (IJEDR), ISSN:2321-9939, Volume.3, Issue 3, pp., July 2015, Available at :http://www.ijedr.org/papers/IJEDR1503033.pdf
Share This Article


Article Preview

ISSN Details




DOI Details



Providing A digital object identifier by DOI
How to get DOI?

For Reviewer /Referral (RMS)

Important Links

NEWS & Conference

Digital Library

Our Social Link
© Copyright 2024 IJEDR.ORG All rights reserved
Home | Terms & Conditions |Disclaimer| Facebook | Contact us