All Title Author
Keywords Abstract

A Method of Detecting Sql Injection Attack to Secure Web Applications

Keywords: Arraylist , Attack , Parse Tree , Semantics , SQL injection , Web application.

Full-Text   Cite this paper   Add to My Lib


Web applications are becoming an important part of our daily life. So attacks against them also increasesrapidly. Of these attacks, a major role is held by SQL injection attacks (SQLIA). This paper proposes anew method for preventing SQL injection attacks in JSP web applications. The basic idea is to checkbefore execution, the intended structure of the SQL query. For this we use semantic comparison. Ourfocus is on stored procedure attack in which query will be formed within the database itself and sodifficult to extract that query structure for validation. Also this attack is less considered in the literature.


comments powered by Disqus