Prevention and Detection of SQL Injection Using Query Tokenization

  • Conference paper
Advances in Distributed Computing and Machine Learning

Part of the book series: Lecture Notes in Networks and Systems (LNNS, volume 127)

Abstract

SQL injection is one of the most serious security vulnerabilities today. It ranks first in the OWASP Top 10. Lack of input validation is one of the main causes of these attacks. Most user input is passed directly to the database, so an attacker can use SQL injection to steal data from the database, including data he does not have access to. The paper aims to develop a method that detects and prevents SQL injection attacks.

Author information

Corresponding author

Correspondence to R. Archana Devi.

Copyright information

© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Archana Devi, R., Amritha, C., Sai Gokul, K., Ramanuja, N., Yaswant, L. (2021). Prevention and Detection of SQL Injection Using Query Tokenization. In: Tripathy, A., Sarkar, M., Sahoo, J., Li, KC., Chinara, S. (eds) Advances in Distributed Computing and Machine Learning. Lecture Notes in Networks and Systems, vol 127. Springer, Singapore. https://doi.org/10.1007/978-981-15-4218-3_17
