A Tokenization and Encryption based Multi-Layer Architecture to Detect and Prevent SQL Injection Attack
With the increased importance of web applications in the last few years, the negative impact of security flaws in such applications has also grown either. Vulnerabilities that may lead to the compromise of sensitive information are being reported continuously, and the costs of damages resulting from exploited flaws can be enormous.
Niraj Kulkarni, D R Anekar, Mayur Ghadge, Rohit Garde,“ A System to Detect and Block SQL Injection with the help of Multi-Agent System using Artificial Neural Network,” International Journal of Computer Applications (0975 – 8887), Volume 71– No.12, February 2013.
Niraj Kulkarni, D R Anekar, Mayur Ghadge, Rohit Garde, “Multi-Agent System for Detection and Blocking SQL Injection,” International Journal of Computer Applications (0975 – 8887), Volume 64– No.15, February 2013.
Gaurav Shrivastava, Kshitij Pathak, “SQL Injection Attacks: Technique and Prevention mechanism,” International Journal of Computer Applications (0975 – 8887), Volume 69– No. 7, May 2013.
Asha. N, M. Varun Kumar, Vaidhyanathan G, ”Preventing SQL Injection Attacks”, International Journal of Computer Applications (0975 – 8887), Volume 52– No.13, August 2012.
Srinivas Avireddy, Varalakshmi Perumal, Narayan Gowraj ,Ram Srivatsa Kannan,Prashanth Thinakaran, Sundaravadanam Ganapathi, Jashwant Raj Gunasekaran and Sruthi Prabhu, “Random4: An Application Specific Randomized Encryption Algorithm to Prevent SQL Injection,” IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications,IEEE-2012.
Kai-Xiang Zhang, Chia-Jun Lin, Shih-Jen Chen, Yanling Hwang, Hao-Lun Huang, Fu-Hau Hsu,” TransSQL: A Translation And Validation based Solution for SQL-injection Attack”, First International Conference on Robot, Vision and Signal Processing, IEEE-2011.
Khaleel Ahmad, Jayant Shekhar and,K.P. Yadav, ” Classification of SQL Injection Attacks”, Vol. I (4), 235-242, VSRD-TNTJ-2010.
"Top Ten Most Critical Web Application Vulnerabilities,"OWASP Foundation, http://www.owasp.org/documentation/topten.html. 2005.10/12/2013
MD5 Algorithm- April-2014, http://www.engr.uconn.ed u/~fzhang/docs/crypt. doc