Efficient Solution for Detection and Prevention of SQL Injection Attacks (Wave system technique) | ||||
مجلة الجمعية المصرية لنظم المعلومات وتکنولوجيا الحاسبات | ||||
Article 13, Volume 18, الثامن عشر - Serial Number 18, March 2017, Page 13-20 PDF (8.85 MB) | ||||
Document Type: • البحوث والدراسات والمقالات المستوفاة للقواعد العلمیة المتعارف علیها، والتى یجریها أو یشارک فى إجرائها أعضاء هیئة التدریس والباحثون فى الجامعات ومراکز البحوث المصریة والعربیة، وذلک باللغتین العربیة والإنجلیزیة . | ||||
DOI: 10.21608/jstc.2017.117916 | ||||
View on SCiNiTO | ||||
Authors | ||||
Mohamed M. EL HADI; Christina Albert; Mona Medhat | ||||
Sadat Academy for Management Sciences | ||||
Abstract | ||||
Abstract SQL Injection attacks are one of the most common threats on web applications that refer to an attacker who can use vulnerability to bypass authentication for retrieving the contents of an entire database then create, delete, update or drop the whole structure. There are many methods used to repel these attacks but none of these methods have proved to work on detecting and preventing all types of SQL injection attacks which means specific method for a certain particular type. The aim of this research is to present a new method to detect and prevent the largest number of these attacks and test it against the 50 codes written by PHP and HTML languages Analysis and comparison have been carried out between the existing solutions YASCA, RIPS and WAVE, questionnaires were completed by experts such as developers and database administrators and identification of the actual risks behind these threats have all helped in addressing the best method to use in securing websites. | ||||
Keywords | ||||
SQL Injection; Attack; Prevention-Detection; vulnerability attack. Threats; SQLIA. | ||||
Statistics Article View: 83 PDF Download: 246 |
||||