This document is a project report submitted by three students for their computer science and engineering degree. It proposes a combinatorial approach using signature-based and auditing methods to prevent SQL injection attacks on web applications. The signature-based method detects SQL injections by comparing amino acid codes formed from web application parameters to known codes. The auditing method analyzes transactions to identify malicious access. The system aims to stop all successful attacks with no false positives using an algorithm called Hirschberg to reduce complexity.
Original Description:
Original Title
rial Approach for Preventing SQL Injection Attacks
This document is a project report submitted by three students for their computer science and engineering degree. It proposes a combinatorial approach using signature-based and auditing methods to prevent SQL injection attacks on web applications. The signature-based method detects SQL injections by comparing amino acid codes formed from web application parameters to known codes. The auditing method analyzes transactions to identify malicious access. The system aims to stop all successful attacks with no false positives using an algorithm called Hirschberg to reduce complexity.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOC, PDF, TXT or read online from Scribd
This document is a project report submitted by three students for their computer science and engineering degree. It proposes a combinatorial approach using signature-based and auditing methods to prevent SQL injection attacks on web applications. The signature-based method detects SQL injections by comparing amino acid codes formed from web application parameters to known codes. The auditing method analyzes transactions to identify malicious access. The system aims to stop all successful attacks with no false positives using an algorithm called Hirschberg to reduce complexity.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOC, PDF, TXT or read online from Scribd
Injection Attacks Submitted for the Main Project in the branch of
COMPUTER SCIENCE AND ENGINEERING
By B.Moulika Sushma (07X41A0539)
G.Leela Pradeep (07X41A0533)
M.V.Divya (07X41A0536)
Project work carried out at
SRK INSTITUTE OF TECHNOLOGY Enikepadu SUBMITTED IN PARTIAL FULFILLMENT OF B.TECH. COMPUTER SCIENCE & ENGINEERING DEGREE PROGRAM UNDER THE SUPERVISION OF N. Neelima Priyanka (Assist.prof)
SRK INSTITUTE OF TECHNOLOGY
(Affiliated to J.N.T University, Kakinada) Abstract
A combinational approach for protecting Web applications against SQL
injections is discussed in this paper, which is novel idea of incorporating the uniqueness of signature based method and auditing method. The major issues of Web application security is SQL injection, which can give the attacker unrestricted access to the database that underlie the Web applications and has become increasingly frequent and serious. From signature based method standpoint of view, it presents a detection mode for SQL injection using pair wise sequence alignment of amino acid code for formulated from Web applications from parameter sent via Web server. On the other hand from the Auditing based method standpoint of view, it analyzes the transaction to find out the malicious access. In signature based method it uses an approach called Hirschberg algorithm, it is a divide and conquer approach to reduce the time and space complexity. This system is able to stop all the successful attacks and did not generate any false positive.