SQLi and XSS Attack Introduction and Prevention Technique

Harshad Gaikwad; Bhavesh B. Shah; Priyanka Chatte

Call for Paper

May Edition

IJCA solicits high quality original research papers for the upcoming May edition of the journal. The last date of research paper submission is 22 April 2024

Submit your paper

Know more

The week's pick

Enhancing Privacy Preservation: Multi-Attribute Protection with P-Sensitive K-Anonymity

Twinkle Patel Kiran Amin

Random Articles

Analysis of Randomized Performance of Bias Parameters and Activation Function of Extreme Learning Machine

February

2016

Hardware Implementation of FFT using Vertically and Crosswise Algorithm

December

2011

Security and Privacy of Image by Encryption, Lossy Compression and Iterative Reconstruction

January

2013

Empirical Characterization of Propagation Path Loss and Performance Evaluation for Co-Site Urban Environment

May

2013

Reseach Article

SQLi and XSS Attack Introduction and Prevention Technique

by Harshad Gaikwad, Bhavesh B. Shah, Priyanka Chatte

International Journal of Computer Applications

Foundation of Computer Science (FCS), NY, USA

Volume 165 - Number 2

Year of Publication: 2017

Authors: Harshad Gaikwad, Bhavesh B. Shah, Priyanka Chatte

10.5120/ijca2017913798

Harshad Gaikwad, Bhavesh B. Shah, Priyanka Chatte . SQLi and XSS Attack Introduction and Prevention Technique. International Journal of Computer Applications. 165, 2 ( May 2017), 23-27. DOI=10.5120/ijca2017913798

@article{ 10.5120/ijca2017913798,

author = { Harshad Gaikwad, Bhavesh B. Shah, Priyanka Chatte },

title = { SQLi and XSS Attack Introduction and Prevention Technique },

journal = { International Journal of Computer Applications },

issue_date = { May 2017 },

volume = { 165 },

number = { 2 },

month = { May },

year = { 2017 },

issn = { 0975-8887 },

pages = { 23-27 },

numpages = {9},

url = { https://ijcaonline.org/archives/volume165/number2/27547-2017913798/ },

doi = { 10.5120/ijca2017913798 },

publisher = {Foundation of Computer Science (FCS), NY, USA},

address = {New York, USA}

}

%0 Journal Article

%1 2024-02-07T00:11:19.994890+05:30

%A Harshad Gaikwad

%A Bhavesh B. Shah

%A Priyanka Chatte

%T SQLi and XSS Attack Introduction and Prevention Technique

%J International Journal of Computer Applications

%@ 0975-8887

%V 165

%N 2

%P 23-27

%D 2017

%I Foundation of Computer Science (FCS), NY, USA

Abstract

Nowadays, web applications are common around the world. every major company/organization have a web application presence. Max of these organizations use web applications to provide various services to clients. Some of these web applications employ database driven content. The back-end database often contains confidential and sensitive information such Password, credit card number, financial data, medical data, email details. Typically the web user/client supplies information, such as a username and password and web server receive user request and interact with the back-end database and returned relevant data to the Front-end. Web Applications penetration testing and security has become progressively most important these days. A lot numbers of malicious attacks are being deployed on the web application. Due to dramatic increase in Web applications usage, Web application get vulnerable to variety of threats. Most of these malicious attacks are targeted towards the web application layer and waf firewall alone cannot prevent these kinds of attacks. The reason behind success of these attacks is the ignorance of application developers while coding the web applications and the predefined vulnerabilities in the existing technologies. Web application attacks are the latest trend and hackers are trying to hack/exploit the web application using different techniques. Various types of solutions are available as open source and in market. But the selection of suitable solution for the security of the organizational systems is a major issue. Some Attack Prevention Technique protect web applications from attacks they sit in front of web applications monitors activity, and block malicious traffic.

References

Chaitali Khairnar, “Detection and Automatic Prevention against SQL Injection Attack and XSS Attacks perform on web application,” Maharashtra india, vol. 5, issue 11,november 2015. .
Kuldeep Kumar, Dr. Debasish Jena and Ravi Kumar.”A Novel Appraoch to detect SQL injection injection in Web application”. 2013,InstaSafe Technologies Pvt. Ltd, Bangalore-560076.
Atefeh Tajpour, Suhaimi Ibrahim, Maslin Masrom, “SQL Injection Detection and Prevention Techniques” International Journal of Advancements in Computing Technology Volume 3, Number 7, August 2011
Punam Thopate, Purva Bamm, Apeksha Kamble, Snehal Kunjir, Prof S.M.Chawre"Cross Site Scripting Attack Detection & Prevention System".International Journal of Advanced Research in Computer Engineering & Technology (IJARCET)Volume 3 Issue 11, November 2.
Cross-site Scripting (XSS): https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
Open web Application security project, XSS(cross site scripting).prevention cheat sheet,2011; http://www.owasp.org/index.php/Xss_(Cross_site_scripting))_preventation_cheat_Sheet

Index Terms

Computer Science

Information Sciences

Keywords

SQL injection attack SQL query XSS (cross site scripting) Web application Payload filters.