An automated universal server level solution for SQL injection security flaw

Abstract

In this paper, the problem of SQL Injection attacks to web-based applications is discussed and described. The previous work on this problem is presented and the main problem of using manual solutions is highlighted. An automated universal server level solution calIed AUSELSQI is proposed and illustrated. The solution is shown to be universal for any Ype of web server and is applied automatically to all existing and future web applications residing on a web server. Experiments conducted show that the overhead of applying this solution is negligible. Comparison with other techniques is also presented.