CFP last date
22 July 2024
Reseach Article

Injection, Detection, Prevention of SQL Injection Attacks

by Abhay K. Kolhe, Pratik Adhikari
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 87 - Number 7
Year of Publication: 2014
Authors: Abhay K. Kolhe, Pratik Adhikari
10.5120/15224-3739

Abhay K. Kolhe, Pratik Adhikari . Injection, Detection, Prevention of SQL Injection Attacks. International Journal of Computer Applications. 87, 7 ( February 2014), 40-43. DOI=10.5120/15224-3739

@article{ 10.5120/15224-3739,
author = { Abhay K. Kolhe, Pratik Adhikari },
title = { Injection, Detection, Prevention of SQL Injection Attacks },
journal = { International Journal of Computer Applications },
issue_date = { February 2014 },
volume = { 87 },
number = { 7 },
month = { February },
year = { 2014 },
issn = { 0975-8887 },
pages = { 40-43 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume87/number7/15224-3739/ },
doi = { 10.5120/15224-3739 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T22:05:21.106657+05:30
%A Abhay K. Kolhe
%A Pratik Adhikari
%T Injection, Detection, Prevention of SQL Injection Attacks
%J International Journal of Computer Applications
%@ 0975-8887
%V 87
%N 7
%P 40-43
%D 2014
%I Foundation of Computer Science (FCS), NY, USA
Abstract

SQL injections have been always the top most priority for any website and web application. Every web application and website developed in php, asp. net, jsp which is connected to the database like MySQL, Microsoft SQL Server, and oracle are prone to SQL injection attacks. Most of the websites are created by using open source language such as php. The paper focuses the types of SQL injection attacks on the open source database in MySQL . The aim is to create a dummy web site where users can login and register. The attacker can login these dummy website using different types of SQL injection, make changes in the database, detect these types of attacks using IP tracking methods with their injection types and to prevent them.

References
  1. https://www. owasp. org/index. php/Top_10_2013-Top_10 25th Nov 2013.
  2. http://technet. microsoft. com/enus/library/ms161953(v=SQL. 105). aspx 25th Nov 2013.
  3. Ramakanth Dorai,Vinod Kannan, "SQL Injection-Database Attack Revolution and Prevention", Journal of International Commercial Law and TechnologyVol6, Issue 4 (2011).
  4. Perumalsamy Ramasamy, Dr. Sunitha Abburu,"SQL INJECTION ATTACK DETECTION AND PREVENTION" International Journal of Engineering Science and Technology (IJEST) ISSN: 0975-5462 Vol. 4 No. 04 April 2012
  5. http://php. net/manual/en/function. mySQL-real-escape-string. php 26 Nov 2013
  6. http://www. php. net/manual/en/mySQLi. quickstart. multiple-statement. php 26 Nov 2013
  7. http://us1. php. net/mySQL_error 26 Nov 2013
  8. Sid Ansari,Edward R. Sykes ,"SQL Injection in Oracle: An exploration of vulnerabilities", International Journal on Computer Science and Engineering (IJCSE) ISSN :0975-3397 Vol. 4 No. 04 April 2012 522.
  9. Zeinab Raveshi, Sonali R. Idate," Investigation and Analysis of SQL Injection Attacks on Web Applications: Survey", International Journal of Engineering and Advanced Technology (IJEAT) ISSN: 2249 – 8958, Volume-2, Issue-3 February 2013.
Index Terms

Computer Science
Information Sciences

Keywords

MySQL SQL injection SQL injection vulnerability web security injection detection prevention of SQL injection