DEPLOYMENT OF REVERSE PROXY FOR THE MITIGATION OF SQL INJECTION ATTACKS USING INPUT-DATA CLEANSING ALGORITHM


DEPLOYMENT OF REVERSE PROXY FOR THE MITIGATION OF SQL INJECTION ATTACKS USING INPUT-DATA CLEANSING ALGORITHM

S. Fouzul Hidhaya1, 2 and Angelina Geetha1, 3

 1 Department of Computer science and Engineering, B.S. Abdur Rahman University, Chennai, Tamilnadu, India.

ABSTRACT 

Internet has eased the life of human in numerous ways, but the drawbacks like the intrusions that are attached with the Internet applications sustains the growth of these applications. Hackers find new methods to intrude the applications and the web application vulnerability reported is increasing year after year. One such major vulnerability is the SQL Injection attacks (SQLIA). Since SQLIA contributes 25% of the total Internet attacks, much research is being carried out in this area. In this paper we propose a method to detect the SQL injection. We deploy a Reverse proxy that uses the input-data cleansing algorithm to mitigate SQL Injection Attack. This system has been tested on standard test bed applications and our work has shown significant improvement in detecting and curbing the SQLIA. 

KEYWORDS

SQL Injection, SQL attack, Security threats, Web application vulnerability.

SOURCE URL

https://wireilla.com/papers/ijcis/V2N4/2412ijcis08.pdf

VOLUME URL

https://wireilla.com/ijcis/vol2.html




Comments

Post a Comment

Popular posts from this blog

Implementation of a New Methodology to Reduce the Effects of Changes of Illumination in Face Recognition-based Authentication Andres

Image
Implementation of a New Methodology to Reduce the Effects of Changes of Illumination in Face Recognition-based Authentication Andres  Alarcon-Ramirez, and Mohamed F. Chouikha  Department of Electrical Engineering, Howard University, Washington DC ABSTRACT   In this paper, the study of the effects of illumination changes in the process of face recognition is discussed. Additionally, a new methodology that integrates Single-Scale Retinex (SSR) and Scale Invariant Feature Transform (SIFT) is presented. The proposed methodology addresses the problem of illumination changes in face recognition-based authentication systems. To do this, the SSR transform eliminates the component of luminance from the face image and recovers the reflectance component which is invariant to illumination changes; then, the SIFT transform detects interest points from the reflectance component of the face image. The interest points are features rich in information and may be used to ...
Read more

A DEFENSE MECHANISM FOR CREDIT CARD FRAUD DETECTION

Image
A DEFENSE MECHANISM FOR CREDIT CARD FRAUD DETECTION   M.Sasirekha , Sumaiya Thaseen   and Saira Banu School of Computing Science and Engineering, VIT University, Tamil Nadu, India. ABSTRACT Computer security is one of the key areas where lot of research is being done. Many intrusion detection techniques are proposed to ensure the network security, protect network resources and network infrastructures. Intrusion detection systems (IDS) attempt to detect attacks by gathering network data and analyze the information from various areas to identify the possible intrusions. This paper proposes a defense mechanism combining three approaches such as anomaly, misuse and decision making model to produce better detection accuracy and a decreased false positive rate. The defense mechanism can be built to detect the attacks in credit card system using Hidden Markov approach in the anomaly detection module. The credit card holder’s behaviours are taken as attributes and t...
Read more

DYNAMIC VALIDITY PERIOD CALCULATION OF DIGITAL CERTIFICATES BASED ON AGGREGATED SECURITY ASSESSMENT

Image
DYNAMIC VALIDITY PERIOD CALCULATION OF DIGITAL CERTIFICATES BASED ON AGGREGATED SECURITY ASSESSMENT  Alexander Beck, Jens Graupmann, Frank Ortmeier Computer Systems in Engineering, Otto-von-Guericke-University, Magdeburg, Germany  ABSTRACT  The paper proposes a method based on different security-related factors to dynamically calculate the validity period of digital certificates. Currently validity periods are most often defined statically without scientific justification. This approach is not sufficient to objectively consider the actual need for security. Therefore the approach proposed in this paper considers relevant security criteria in order to calculate a meaningful validity period for digital certificates. This kind of security assessment can be executed periodically in order to dynamically respond to changing conditions. Especially in the context of complex systems and infrastructures that have an increased need for security, privacy and availab...
Read more