User Authentication Method against SQL Injection Attacks
نویسندگان
چکیده
The Internet and web applications are playing very important role in our today’s modern day life. Most of the web applications use the database as a back end to store critical information. SQL injection attacks represent a serious threat to any database-driven site. The methods behind an attack are easy to learn and the damage caused can range from considerable to complete system compromise. Despite these risks an incredible number of systems on the internet are susceptible to this form of attack. Organizations are using a reactive approach towards these threats, instead of a proactive approach that would help avoiding them. In this paper, we propose a technique for user authentication to prevent SQLIAs by hashing and salting the user name and password. KeywordsWeb applications vulnerabilities, SQL injection, Authentication, Hashing, Salting, Database security, Internet
منابع مشابه
Detection Block Model for SQL Injection Attacks
With the rapid development of Internet, more and more organizations connect their databases to the Internet for resource sharing. However, due to developers' lack of knowledge of all possible attacks, web applications become vulnerable to multiple attacks. Thus the network databases could face multiple threats. Web applications generally consist of a three tier architecture where database is in...
متن کاملAn Approach to Detect and Prevent SQL Injection Attacks in Database Using Web Service
SQL injection is an attack methodology that targets the data residing in a database through the firewall that shields it. The attack takes advantage of poor input validation in code and website administration. SQL Injection Attacks occur when an attacker is able to insert a series of SQL statements in to a ‘query’ by manipulating user input data in to a web-based application, attacker can take ...
متن کاملPreventing SQL Injection Attacks
With the recent rapid increase in web based applications that employ back-end database services, results show that SQL Injection and Remote File Inclusion are the two frequently used exploits rather than using other complicated techniques. With the rise in use of web applications, SQL injection based attacks are gradually increasing and is now one of the most common attacks in the internet. It ...
متن کاملAn Authentication Mechanism to prevent SQL Injection Attacks
SQL Injection attacks target databases that are accessible through a web front-end, and take advantage of flaws in the input validation logic of Web components such as CGI scripts.In the last few months application-level vulnerabilities have been exploited with serious consequences by the hackers have tricked e-commerce sites into shipping goods for no charge, usernames and passwords have been ...
متن کاملWeb Security by Preventing SQL Injection Using Encryption in Stored Procedures
SQL Injection attacks target databases that are accessible through a web front-end, and take advantage of flaws in the input validation logic of Web components such as CGI scripts. SQL Injection attacks can be easily prevented by applying more secure authentication schemes in login phase itself. In this paper we are going to prevent SQLIA (SQL Injection Attacks) by using encryption in Stored Pr...
متن کامل