SQLStor: Blockage of stored procedure SQL injection attack using dynamic query structure validation

S. Mamadhan; T. Manesh; V. Paul

doi:10.1109/ISDA.2012.6416544

Back

Conference proceeding

SQLStor: Blockage of stored procedure SQL injection attack using dynamic query structure validation

S. Mamadhan, T. Manesh and V. Paul

2012 12th International Conference on Intelligent Systems Design and Applications (ISDA), pp.240-245

11/2012

DOI: https://doi.org/10.1109/ISDA.2012.6416544

Abstract

Arraylist

Databases

Electronic mail

Intelligent systems

Parse Tree

Reactive power

Semantics

Servers

SQL injection

Syntactics

Web application

Web applications are becoming an important part of our daily life. So attacks against them also increases rapidly. Of these attacks, a major role is held by SQL injection attacks (SQLIA). This paper proposes a new method for preventing SQL injection attacks in JSP web applications. The basic idea is to check before execution, the intended structure of the SQL query. For this we use semantic comparison. This method prevents different kinds of injection attacks including stored procedure attack which is more difficult and less considered in the literature.

Metrics

1 Record Views

Details

Title: SQLStor: Blockage of stored procedure SQL injection attack using dynamic query structure validation
Creators - without role: S. Mamadhan - Department of CS, Adi Shankara Institute of Engineering & Technology, Kalady, India
T. Manesh - Department of IT, Adi Shankara Institute of Engineering & Technology, Kalady, India
V. Paul - Cochin University of Science and Technology
Publication Details: 2012 12th International Conference on Intelligent Systems Design and Applications (ISDA), pp.240-245
Publisher: IEEE
Identifiers: 9925982708331
Academic Unit: Prince Sattam Bin Abdulaziz University
Language: English
Resource Type: Conference proceeding