NCI WEBSITE
NORMA eResearch @NCI Library

Protecting User Credentials against SQL Injection through Cryptography and Image Steganography

Tools

Banga, Parmit Singh, Portillo-Dominguez, A. Omar and Ayala-Rivera, Vanessa (2022) Protecting User Credentials against SQL Injection through Cryptography and Image Steganography. In: Proceedings - 2022 10th International Conference in Software Engineering Research and Innovation, CONISOFT 2022. IEEE, San José Chiapa, Mexico, pp. 121-130. ISBN 978-166546126-9

Full text not available from this repository.
Official URL: https://doi.org/10.1109/CONISOFT55708.2022.00025

Abstract

As today's world is all about the internet and technology, the whole context of businesses has been shifted digitally. Almost every sector has established itself on a digital platform. Such a digital platform typically requires a website and a database that contains and stores a large amount of user data. However, the over resilience on websites also opens the gates for malicious attackers to try compromising those websites and get access to their information, such as user credentials. As per the Open Web Application Security Project (OWASP), SQL injection is one of the top-rated vulnerabilities currently faced by the software development community. SQL injection involves manipulating queries made to databases and executing malicious operations on them; this allows, among other actions, retrieving sensitive information. Due to its relevance, various approaches have been proposed to better protect user information from potential attackers. Although data security has certainly increased thanks to those efforts, there are still loopholes that an attacker might exploit. This paper proposes a hybrid approach using hashing, encryption, and image steganography to improve the security of user credentials stored in databases. Our work aims to help developers to integrate best practices in password security as part of the software development life cycle to prevent data breaches by ensuring the confidentiality of sensitive information. The proposed approach has been experimentally evaluated, obtaining good results which demonstrate its feasibility.

Item Type: Book Section
Uncontrolled Keywords: Cryptography; Data Security; Secure Software Engineering; SQL Injection; Web Development
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Z Bibliography. Library Science. Information Resources > ZA Information resources > ZA4150 Computer Network Resources > The Internet > World Wide Web
T Technology > TK Electrical engineering. Electronics. Nuclear engineering > Telecommunications > The Internet > World Wide Web
Divisions: School of Computing > Staff Research and Publications
Depositing User: Tamara Malone
Date Deposited: 30 Jul 2025 15:43
Last Modified: 30 Jul 2025 15:43
URI: https://norma.ncirl.ie/id/eprint/8357

Actions (login required)

View Item View Item