Impact analysis of preventing cross site scripting and SQL injection attacks on web application

Rathod Mahesh Pandurang, D. Karia
DOI: 10.1109/IBSS.2015.7456668 (https://doi.org/10.1109/IBSS.2015.7456668)
Published in: 2015 IEEE Bombay Section Symposium (IBSS)
Publication date: 2015-09-01
Publication type: Journal Article
Source: Semanticscholar
Citations: 11

Abstract

Web applications provide immeasurably large facilities to users. The usability and popularity of web applications have expanded, and this has led to various types of attacks on them. SQL injection and XSS (Cross-Site Scripting) attacks are well-known ways to exploit web applications. To sneak into the web application database, one can use an SQL injection attack, which may cause database alteration or disclosure of vital details, while XSS is another threat in which a malicious user manipulates the input data, which may lead to modification of how the webpage is viewed or redirection of the user to the attacker's working space. The proposed Intrusion Detection System is a container-based approach built on a mapping model, in which a request-to-query mapping is applied to recognise and prevent this class of attacks. The container-based approach has been used to identify two different client requests. The impact of this container-based approach on the web server is measured using the http_load and autobench tools. Web application performance, based on parameters such as average page time, pages per second, memory and processing time, has been measured for the container-based approach and compared with the existing approach.