NORMA eResearch @NCI Library

Detection and Prevention Technique of SQL Injection Attack to Protect Dynamic Web Application and Services

Parves, Shariar (2021) Detection and Prevention Technique of SQL Injection Attack to Protect Dynamic Web Application and Services. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
PDF (Master of Science)
Download (1MB) | Preview
[thumbnail of Configuration manual]
Preview
PDF (Configuration manual)
Download (596kB) | Preview

Abstract

Structured Query Language Injection (SQLI) which is the common injection techniques that uses the malicious code. It helps to the hackers or attackers for bypassing the security of the application with malicious code replacement through the SQL statement. Successful SQL injection in the web application, helps to the attacker to modify, edit, delete as well as retrieve content in the SQL database. According to the lists of OWSAP (The Open Web Application Security Project), SQLI is the number one threats in terms of the top 10 security risk of the web application. In this proposal it will be explained new approach for tracing the attempt of SQL injection for defending the dynamic web application. This will also help for tracing most of the details of the attackers which are like device details, browser details, operating system, IP address of the users, users’ location. Information of the attackers will store to the database within the current time. Moreover, it will provide the instant notification in system admin. If attackers use botnet to attack to the system or application, it will also trace. Even it will also store the configuration of the device with high rate of the accuracy. Moreover, it will also provide the email notification. PHP regex, which is the powerful algorithm will use to implement the proposal. It will help for detecting SQL injection that is related to the statement in application. IP can be blocked through the cPanel if Suspicious activities that occurs through manual SQLI, botnet attack.

Item Type: Thesis (Masters)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Tamara Malone
Date Deposited: 29 Dec 2022 11:28
Last Modified: 29 Dec 2022 11:28
URI: https://norma.ncirl.ie/id/eprint/6038

Actions (login required)

View Item View Item