Abstract

Web application plays an important role in different fields like finance sector, business, shopping etc. There is no. of web application vulnerabilities such as SQL injection, Buffer overflow etc. Above these SQL Injection vulnerabilities are very harmful for web applications. In literature survey there are number of technique used to prevent SQLIA in application level, but not in database level. SQL injection attacks occur due to vulnerabilities in the design of queries where a malicious user can take advantage of input opportunities to insert code in the queries that modify the query-conditions resulting in unauthorized database access. In this paper we design an effective algorithm to prevent stored procedure from SQLIA in database level. Hirschberg’s algorithm is used to prevent the stored procedure, which reduces both time as well as space complexity. We also analyse several aspects which have been discussed further.

References

• Ke Wei, M. Muthuprasanna, Suraj Kothari, “Preventing SQL Injection Attacks in Stored Procedures”, Proceedings of the 2006 Australian Software Engineering Conference (ASWEC’06), IEEE Ding, W. and Marchionini, G. 1997 A Study on Video Browsing Strategies. Technical Report. University of Maryland at College Park.
• “Buffer Overflow Attacks Bypassing dep (nx/xd bits)—Part 2: Code Injection,”http://www.mastropaolo.com/, Dec.06
• William G.J Halfond, Alessandro Orso, P. Manolios, “WASP: Protecting Web Application Using Positive Tainting and Syntax-Aware Evaluation “, IEEE transaction of Software Engineering Vol 34, No 1, January/February 2008..
• Ankit Anchlia, Sheela Jain,” A novel Injection Aware Approach for the Testing of Database Applications”, 2010 International Conference on Recent Trends in Information, Telecommunication and Computing, IEEE.
• M.Ruse, Tanmoy Sarkar & Samik Basu, “Analysis & Detection of SQL Injection Vulnerabilities via Automatic TestCase Generation of Programs”, 2010 10th Annual International Symposium on Applications and the Internet, IEEE.