MERAL Myanmar Education Research and Learning Portal
Item
{"_buckets": {"deposit": "7f77257e-b0d8-4072-9c5f-c47943a768ed"}, "_deposit": {"id": "4582", "owners": [], "pid": {"revision_id": 0, "type": "recid", "value": "4582"}, "status": "published"}, "_oai": {"id": "oai:meral.edu.mm:recid/4582", "sets": ["user-ucsy"]}, "communities": ["ucsy"], "item_1583103067471": {"attribute_name": "Title", "attribute_value_mlt": [{"subitem_1551255647225": "A Detection and Prevention Technique on SQL Injection Attacks", "subitem_1551255648112": "en"}]}, "item_1583103085720": {"attribute_name": "Description", "attribute_value_mlt": [{"interim": "With the web advancements are rapidly developing,the greater part of individuals makes their transactions onweb, for example, searching through data, banking,shopping, managing, overseeing and controlling dam andbusiness exchanges, etc. Web applications have gotten fit tonumerous individuals\u0027 day by day lives activities. Dangerspertinent to web applications have expanded to hugedevelopment. Presently a day, the more the quantity ofvulnerabilities will be diminished, the more the quantity ofthreats become to increment. Structured Query LanguageInjection Attack (SQLIA) is one of the incredible dangers ofweb applications threats. Lack of input validationvulnerabilities where cause to SQL injection attack on web.SQLIA is a malicious activity that takes negated SQLstatement to misuse data-driven applications. Thisvulnerability admits an attacker to comply crafted input todisclosure with the application’s interaction with back-enddatabases. Therefore, the attacker can gain access to thedatabase by inserting, modifying or deleting criticalinformation without legitimate approval. The paper presentsan approach which detects a query token with reservedwords-based lexicon to detect SQLIA. The approachconsists of two highlights: the first one creates lexicon andthe second step tokenizes the input query statement andeach string token was detected to predefined words lexiconto prevent SQLIA. In this paper, detection and preventiontechnologies of SQL injection attacks are experimented andthe result are satisfactory."}]}, "item_1583103108160": {"attribute_name": "Keywords", "attribute_value_mlt": [{"interim": "SQL Injection Attack"}, {"interim": "Web applications"}, {"interim": "Malicious activity"}, {"interim": "Vulnerabilities"}, {"interim": "Input validation"}]}, "item_1583103120197": {"attribute_name": "Files", "attribute_type": "file", "attribute_value_mlt": [{"accessrole": "open_access", "date": [{"dateType": "Available", "dateValue": "2020-03-13"}], "displaytype": "preview", "download_preview_message": "", "file_order": 0, "filename": "A Detection and Prevention Technique on SQL Injection Attacks.pdf", "filesize": [{"value": "433 Kb"}], "format": "application/pdf", "future_date_message": "", "is_thumbnail": false, "licensetype": "license_free", "mimetype": "application/pdf", "size": 433000.0, "url": {"url": "https://meral.edu.mm/record/4582/files/A Detection and Prevention Technique on SQL Injection Attacks.pdf"}, "version_id": "656ec5cf-b04a-4a80-be9f-0de4eaa8a4dc"}]}, "item_1583103131163": {"attribute_name": "Journal articles", "attribute_value_mlt": [{"subitem_issue": "", "subitem_journal_title": "Proceedings of the Eighteenth International Conference On Computer Applications (ICCA 2020)", "subitem_pages": "", "subitem_volume": ""}]}, "item_1583103147082": {"attribute_name": "Conference papers", "attribute_value_mlt": [{"subitem_acronym": "", "subitem_c_date": "", "subitem_conference_title": "", "subitem_part": "", "subitem_place": "", "subitem_session": "", "subitem_website": ""}]}, "item_1583103211336": {"attribute_name": "Books/reports/chapters", "attribute_value_mlt": [{"subitem_book_title": "", "subitem_isbn": "", "subitem_pages": "", "subitem_place": "", "subitem_publisher": ""}]}, "item_1583103233624": {"attribute_name": "Thesis/dissertations", "attribute_value_mlt": [{"subitem_awarding_university": "", "subitem_supervisor(s)": [{"subitem_supervisor": ""}]}]}, "item_1583105942107": {"attribute_name": "Authors", "attribute_value_mlt": [{"subitem_authors": [{"subitem_authors_fullname": "Hlaing, Zar Chi Su Su"}, {"subitem_authors_fullname": "Khaing, Myo"}]}]}, "item_1583108359239": {"attribute_name": "Upload type", "attribute_value_mlt": [{"interim": "Publication"}]}, "item_1583108428133": {"attribute_name": "Publication type", "attribute_value_mlt": [{"interim": "Article"}]}, "item_1583159729339": {"attribute_name": "Publication date", "attribute_value": "2020-02-28"}, "item_1583159847033": {"attribute_name": "Identifier", "attribute_value": "978-1-7281-5925-6"}, "item_title": "A Detection and Prevention Technique on SQL Injection Attacks", "item_type_id": "21", "owner": "1", "path": ["1597824273898"], "permalink_uri": "http://hdl.handle.net/20.500.12678/0000004582", "pubdate": {"attribute_name": "Deposited date", "attribute_value": "2020-03-13"}, "publish_date": "2020-03-13", "publish_status": "0", "recid": "4582", "relation": {}, "relation_version_is_last": true, "title": ["A Detection and Prevention Technique on SQL Injection Attacks"], "weko_shared_id": -1}
A Detection and Prevention Technique on SQL Injection Attacks
http://hdl.handle.net/20.500.12678/0000004582
http://hdl.handle.net/20.500.12678/0000004582a4efd6e2-b2f1-4e8d-a3ea-605770cba199
7f77257e-b0d8-4072-9c5f-c47943a768ed
| Name / File | License | Actions |
|---|---|---|
A Detection and Prevention Technique on SQL Injection Attacks.pdf (433 Kb)
|
|
| Publication type | ||||||
|---|---|---|---|---|---|---|
| Article | ||||||
| Upload type | ||||||
| Publication | ||||||
| Title | ||||||
| Title | A Detection and Prevention Technique on SQL Injection Attacks | |||||
| Language | en | |||||
| Publication date | 2020-02-28 | |||||
| Authors | ||||||
| Hlaing, Zar Chi Su Su | ||||||
| Khaing, Myo | ||||||
| Description | ||||||
| With the web advancements are rapidly developing,the greater part of individuals makes their transactions onweb, for example, searching through data, banking,shopping, managing, overseeing and controlling dam andbusiness exchanges, etc. Web applications have gotten fit tonumerous individuals' day by day lives activities. Dangerspertinent to web applications have expanded to hugedevelopment. Presently a day, the more the quantity ofvulnerabilities will be diminished, the more the quantity ofthreats become to increment. Structured Query LanguageInjection Attack (SQLIA) is one of the incredible dangers ofweb applications threats. Lack of input validationvulnerabilities where cause to SQL injection attack on web.SQLIA is a malicious activity that takes negated SQLstatement to misuse data-driven applications. Thisvulnerability admits an attacker to comply crafted input todisclosure with the application’s interaction with back-enddatabases. Therefore, the attacker can gain access to thedatabase by inserting, modifying or deleting criticalinformation without legitimate approval. The paper presentsan approach which detects a query token with reservedwords-based lexicon to detect SQLIA. The approachconsists of two highlights: the first one creates lexicon andthe second step tokenizes the input query statement andeach string token was detected to predefined words lexiconto prevent SQLIA. In this paper, detection and preventiontechnologies of SQL injection attacks are experimented andthe result are satisfactory. | ||||||
| Keywords | ||||||
| SQL Injection Attack, Web applications, Malicious activity, Vulnerabilities, Input validation | ||||||
| Identifier | 978-1-7281-5925-6 | |||||
| Journal articles | ||||||
| Proceedings of the Eighteenth International Conference On Computer Applications (ICCA 2020) | ||||||
| Conference papers | ||||||
| Books/reports/chapters | ||||||
| Thesis/dissertations | ||||||
