{"title":"利用查询哈希技术防止SQL注入攻击","authors":"Yash Swarup, Anuj Kumar, A. Tyagi, Vimal Kumar","doi":"10.1109/ICORT52730.2021.9581804","DOIUrl":null,"url":null,"abstract":"Web applications are a vital part of day-to-day life. Many critical services like shopping, health, banking, data communication and transport are partly or completely dependent on the Internet. Simultaneously, different kinds of the attacks in the network are introduced by various kinds of attacker. One of the important security attacks is SQL injection. It is a web application vulnerability by which an attacker can get unauthorized access to the database of a website. With the help of SQL injection an attacker can take control of any website if attacker is able to get the credentials of the administrator of the website. In some cases, an attacker may access, delete or modify the data in the database that may cause permanent changes in the applications' content or behavior. In this paper, we have proposed a new technique to prevent SQL Injection attacks by comparing the hash value of the generated query with the hashed value of the legitimate query. Our scheme can be easily added to any prebuilt website build using any language or database type as it requires only few changes to be made in the code of the language.","PeriodicalId":344816,"journal":{"name":"2021 2nd International Conference on Range Technology (ICORT)","volume":"60 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-08-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Prevention of SQL Injection Attacks using Query Hashing Technique\",\"authors\":\"Yash Swarup, Anuj Kumar, A. Tyagi, Vimal Kumar\",\"doi\":\"10.1109/ICORT52730.2021.9581804\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Web applications are a vital part of day-to-day life. Many critical services like shopping, health, banking, data communication and transport are partly or completely dependent on the Internet. Simultaneously, different kinds of the attacks in the network are introduced by various kinds of attacker. One of the important security attacks is SQL injection. It is a web application vulnerability by which an attacker can get unauthorized access to the database of a website. With the help of SQL injection an attacker can take control of any website if attacker is able to get the credentials of the administrator of the website. In some cases, an attacker may access, delete or modify the data in the database that may cause permanent changes in the applications' content or behavior. In this paper, we have proposed a new technique to prevent SQL Injection attacks by comparing the hash value of the generated query with the hashed value of the legitimate query. Our scheme can be easily added to any prebuilt website build using any language or database type as it requires only few changes to be made in the code of the language.\",\"PeriodicalId\":344816,\"journal\":{\"name\":\"2021 2nd International Conference on Range Technology (ICORT)\",\"volume\":\"60 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-08-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 2nd International Conference on Range Technology (ICORT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICORT52730.2021.9581804\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 2nd International Conference on Range Technology (ICORT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICORT52730.2021.9581804","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Prevention of SQL Injection Attacks using Query Hashing Technique
Web applications are a vital part of day-to-day life. Many critical services like shopping, health, banking, data communication and transport are partly or completely dependent on the Internet. Simultaneously, different kinds of the attacks in the network are introduced by various kinds of attacker. One of the important security attacks is SQL injection. It is a web application vulnerability by which an attacker can get unauthorized access to the database of a website. With the help of SQL injection an attacker can take control of any website if attacker is able to get the credentials of the administrator of the website. In some cases, an attacker may access, delete or modify the data in the database that may cause permanent changes in the applications' content or behavior. In this paper, we have proposed a new technique to prevent SQL Injection attacks by comparing the hash value of the generated query with the hashed value of the legitimate query. Our scheme can be easily added to any prebuilt website build using any language or database type as it requires only few changes to be made in the code of the language.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
