Please use this identifier to cite or link to this item:
https://elibrary.tucl.edu.np/handle/123456789/6086
Title: | Prevention of Web Application Against SQL-Injection Attack |
Authors: | Dhakal, Madhav |
Keywords: | Web;SQL programming |
Issue Date: | 2008 |
Publisher: | Department of Computer Science and Information Technology |
Institute Name: | Central Department of Computer Science and Information Technology |
Level: | Masters |
Abstract: | Web applications are accessed using internet and so face risks associated with usage of internet. There are numerous attacking techniques in the database of web applications, one of them simplest technique is the SQL Injection technique. SQL Injection is an attacking method used by the hackers to retrieve, manipulation, fabricate or delete information in organization’s relational database through web applications. Information in the database mainly constitutes an organization’s most important information and attacks on it could threaten the organization’s confidentiality, availability, integrity and so on. It is a simple and required database and server- script language knowledge but no special tool or experience In this thesis work, we study the different attacking techniques through SQL Injection and it applies to popular Internet Information Server Page/ASP.NET/SQL Server Platform. We discuss some ways in which attacker can inject the SQL-code in to the database of web application and then addresses some of the prevention techniques with our own prevention method i.e. transition table validation method, which is related to them with the validation. Similarly, we also found that execution time taken by guarded statement is comparatively greater than the execution time taken by normal statement. |
URI: | https://elibrary.tucl.edu.np/handle/123456789/6086 |
Appears in Collections: | Computer Science & Information Technology |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
Cover.pdf | 35.21 kB | Adobe PDF | View/Open | |
Chapter.pdf | 363.21 kB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.