Title :
Combinatorial Approach for Preventing SQL Injection Attacks
Author :
Ezumalai, R. ; Aghila, G.
Author_Institution :
Dept. of Comput. Sci., Pondicherry Univ., Pondicherry
Abstract :
This paper discusses a combinatorial approach for protecting Web applications against SQL injection, a novel idea that incorporates the uniqueness of the signature-based method and the auditing method. SQL injection is the major issue in Web application security: it can give attackers unrestricted access to the databases that underlie Web applications, and it has become increasingly frequent and serious. From the signature-based standpoint, the paper presents a detection mode for SQL injection using pairwise sequence alignment of amino acid code formulated from Web application form parameters sent via the Web server. From the auditing-based standpoint, it analyzes the transaction to find malicious access. The signature-based method uses the Hirschberg algorithm, a divide-and-conquer approach that reduces time and space complexity. This system was able to stop all of the successful attacks and did not generate any false positives.
Keywords :
Internet; SQL; auditing; combinatorial mathematics; digital signatures; divide and conquer methods; Hirschberg algorithm; SQL injection attack; Web protection; Web server; amino acid code; auditing method; combinatorial approach; divide-conquer approach; pair wise sequence alignment; signature based method; Amino acids; Application software; Computer science; Counterfeiting; Cryptography; Data security; Databases; Intrusion detection; Protection; Space technology; DBMS Auditing; Hirschberg Algorithm; Needleman-Wunsch Algorithm; SQL Injection; Security;
Conference_Title :
Advance Computing Conference, 2009. IACC 2009. IEEE International
Conference_Location :
Patiala
Print_ISBN :
978-1-4244-2927-1
Electronic_ISBN :
978-1-4244-2928-8
DOI :
10.1109/IADCC.2009.4809188