SQL Injection is one of the most critical security vulnerability in web applications. Most web applications use SQL as web applications. SQL injection mainly affects these websites and web applications. An attacker can easily bypass a web applications authentication and authorization and get access to the contents they want by SQL injection. This unauthorised access helps the attacker to retrieve confidential data's, trade secrets and can even delete or modify valuable documents. Even though, to an extend many preventive measures are found, till now there are no complete solution for this problem. Hence, from the surveys and analyses done, an enhanced methodology is proposed against SQL injection disclosure and deterrence by ensuring proper authentication using Heisenberg analysis and password security using Honey pot mechanism.
[1]
Jun Hu,et al.
Research of SQL injection attack and prevention technology
,
2015,
2015 International Conference on Estimation, Detection and Information Fusion (ICEDIF).
[2]
Zhang Bo.
SQL Injection Attack and Detection Technology
,
2010
.
[3]
Michael D. Ernst,et al.
Automatic creation of SQL Injection and cross-site scripting attacks
,
2009,
2009 IEEE 31st International Conference on Software Engineering.
[4]
Suhaimi Ibrahim,et al.
Web application security by SQL injection detection tools
,
2012
.
[5]
Sunita Gond,et al.
Defenses To Protect Against SQL Injection Attacks
,
2013
.
[6]
Yasser Fouad,et al.
A Survey of SQL Injection Attack Detection and Prevention
,
2014
.