Khili, Slim (2019) A Novel SQL Injection Prevention Technique Using Data Hashing. Masters thesis, Dublin, National College of Ireland.
|
PDF (Master of Science)
Download (1MB) | Preview |
Abstract
SQL Injection (SQLI) is one of the most discussed topics when it comes to web application security. Attackers use this technique to break into the database by gaining unauthorized access. This work presents a novel technique to prevent SQLI attacks based on cryptography by applying a more secure encryption mechanism. The previously commonly deployed encryption algorithms are md5, SHA family and RIPEMD; however they are considered to be weak and vulnerable and they should not be used anymore. This new method aims to prevent SQLI by securing the database with the more secure encryption algorithm, bcrypt. The key motivation for this choice is that bcrypt is generally resistant to attacks and offers the best security. This paper demonstrates the strength of bcrypt in defending against SQLI.
Actions (login required)
![]() |
View Item |