EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Securing web applications from SQLIA using progressive detector

N. Gunaseeli and D. Jeya Mala

International Journal of Information Systems and Change Management, 2017, vol. 9, issue 1, 44-69

Abstract: Web applications are distributed applications that are stored on a server and delivered to users over the internet. Many people enjoy its utilisation due its benefits such as global access, cost saving, faster delivery of products and opportunities to manage the business from anywhere in the world. The users of web applications expect that the web applications should be secure and reliable, while doing their online transactions. But, modern web applications face threats like cross-site scripting, cookie poisoning, buffer overflow etc. Among the attacks of web applications, SQLIA is one of the most significant of such threats. SQL injection attack is a type of injection attack (SQLIA), in which SQL commands are injected as data-plane input in order to affect the execution of predefined SQL commands. SQL injection is a code injection technique that exploits the security vulnerability occurring in the database layer of an application. It allows attackers to get unauthorised access to the back-end database consisting of confidential user information. The paper presents a novel approach and it prevents all types of SQLIAs with minimum time frame. The proposed system aims at preventing all types of SQLIA by quick identification of malicious query at run time. This novel approach has been framed with the progressive detector (PD) tool and carried out on real time web applications. The experimental results clearly show that the Progressive Detector prevents all kinds of SQLIAs with minimum time frames.

Keywords: software engineering; software security; database security; SQL injection; run time monitoring; vulnerabilities; web applications. (search for similar items in EconPapers)
Date: 2017
References: Add references at CitEc
Citations:

Downloads: (external link)
http://www.inderscience.com/link.php?id=86227 (text/html)
Access to full text is restricted to subscribers.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:ids:ijiscm:v:9:y:2017:i:1:p:44-69

Access Statistics for this article

More articles in International Journal of Information Systems and Change Management from Inderscience Enterprises Ltd
Bibliographic data for series maintained by Sarah Parker ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:ids:ijiscm:v:9:y:2017:i:1:p:44-69