Detection Block Model for SQL Injection Attacks

With the rapid development of Internet, more and more organizations connect their databases to the Internet for resource sharing. However, due to developers' lack of knowledge of all possible attacks, web applications become vulnerable to multiple attacks. Thus the network databases could face multiple threats. Web applications generally consist of a three tier architecture where database is in the third pole, which is the most valuable asset in any organization. SQL injection is an attack technique in which specially crafted input string is entered in user input field. It is submitted to server and result is returned to the user. In SQL injection vulnerability, the database server is forced to execute malicious operations which may cause the data loss or corruption, denial of access, and unauthentic access to sensitive data by crafting specific inputs. An attacker can directly compromise the database, and that is why this is a most threatening web attack. SQL injection attack occupies first position in top ten vulnerabilities as specified by Open Web Application Security Project. It is probably the most common Website vulnerability today. Current scenarios which provide solutions to SQL injection attack either have limited scope i.e. can‘t be implemented across all platforms, or do not cover all types of SQL injection attacks. In this work we implement Message Authentication Code (MAC) based solution against SQL injection attacks. The model works both on client and server side. Client side implements a filter function and server side is based on information theory. MAC of static and dynamic queries is compared to detect SQL injection attack.