A Tokenization and Encryption based Multi-Layer Architecture to Detect and Prevent SQL Injection Attack

  • Mr. Vishal Andodariya PG Student, C. U. Shah College Of Engg. And Tech., Wadhwan city, India
  • Prof. Shaktisinh Parmar Assistant Professor, C. U. Shah College Of Engg. And Tech., Wadhwan city, India
Keywords: SQL Injection, Types of SQL Injection, Encryption, Tokenization

Abstract

With the increased importance of web applications in the last few years, the negative impact of security flaws in such applications has also grown either. Vulnerabilities that may lead to the compromise of sensitive information are being reported continuously, and the costs of damages resulting from exploited flaws can be enormous.

References

Praveen Kumar, “The Multi-Tier Architecture for Developing Secure Website with Detection and Prevention of SQL Injection Attacks," International Journal of Computer Applications (0975 – 8887) Volume 62– No.9, January 2013.

Niraj Kulkarni, D R Anekar, Mayur Ghadge, Rohit Garde,“ A System to Detect and Block SQL Injection with the help of Multi-Agent System using Artificial Neural Network,” International Journal of Computer Applications (0975 – 8887), Volume 71– No.12, February 2013.

Niraj Kulkarni, D R Anekar, Mayur Ghadge, Rohit Garde, “Multi-Agent System for Detection and Blocking SQL Injection,” International Journal of Computer Applications (0975 – 8887), Volume 64– No.15, February 2013.

Gaurav Shrivastava, Kshitij Pathak, “SQL Injection Attacks: Technique and Prevention mechanism,” International Journal of Computer Applications (0975 – 8887), Volume 69– No. 7, May 2013.

Asha. N, M. Varun Kumar, Vaidhyanathan G, ”Preventing SQL Injection Attacks”, International Journal of Computer Applications (0975 – 8887), Volume 52– No.13, August 2012.

Srinivas Avireddy, Varalakshmi Perumal, Narayan Gowraj ,Ram Srivatsa Kannan,Prashanth Thinakaran, Sundaravadanam Ganapathi, Jashwant Raj Gunasekaran and Sruthi Prabhu, “Random4: An Application Specific Randomized Encryption Algorithm to Prevent SQL Injection,” IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications,IEEE-2012.

Kai-Xiang Zhang, Chia-Jun Lin, Shih-Jen Chen, Yanling Hwang, Hao-Lun Huang, Fu-Hau Hsu,” TransSQL: A Translation And Validation based Solution for SQL-injection Attack”, First International Conference on Robot, Vision and Signal Processing, IEEE-2011.

Khaleel Ahmad, Jayant Shekhar and,K.P. Yadav, ” Classification of SQL Injection Attacks”, Vol. I (4), 235-242, VSRD-TNTJ-2010.

ANN,Dec-2013 http://www.learnartificialneuralnetworks.com/introduction-to-neural-networks.html

"Top Ten Most Critical Web Application Vulnerabilities,"OWASP Foundation, http://www.owasp.org/documentation/topten.html. 2005.10/12/2013

MD5 Algorithm- April-2014, http://www.engr.uconn.ed u/~fzhang/docs/crypt. doc
Published
2015-02-28
Section
Original Article