A Novel SQL Injection Prevention Technique Using Data Hashing

Khili, Slim (2019) A Novel SQL Injection Prevention Technique Using Data Hashing. Masters thesis, Dublin, National College of Ireland.

Preview

PDF (Master of Science) Download (1MB) | Preview

Abstract

SQL Injection (SQLI) is one of the most discussed topics when it comes to web application security. Attackers use this technique to break into the database by gaining unauthorized access. This work presents a novel technique to prevent SQLI attacks based on cryptography by applying a more secure encryption mechanism. The previously commonly deployed encryption algorithms are md5, SHA family and RIPEMD; however they are considered to be weak and vulnerable and they should not be used anymore. This new method aims to prevent SQLI by securing the database with the more secure encryption algorithm, bcrypt. The key motivation for this choice is that bcrypt is generally resistant to attacks and offers the best security. This paper demonstrates the strength of bcrypt in defending against SQLI.

Item Type:	Thesis (Masters)
Subjects:	Q Science > QA Mathematics > Electronic computers. Computer science T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science Q Science > QA Mathematics > Computer software T Technology > T Technology (General) > Information Technology > Computer software Q Science > QA Mathematics > Computer software > Computer Security T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions:	School of Computing > Master of Science in Cyber Security
Depositing User:	CAOIMHE NI MHAICIN
Date Deposited:	15 Oct 2019 11:51
Last Modified:	15 Oct 2019 11:51
URI:	http://norma.ncirl.ie/id/eprint/3900

Actions (login required)

View Item