Efficient Solution for Detection and Prevention of SQL Injection Attacks (Wave system technique)

نوع المستند : • البحوث والدراسات والمقالات المستوفاة للقواعد العلمیة المتعارف علیها، والتى یجریها أو یشارک فى إجرائها أعضاء هیئة التدریس والباحثون فى الجامعات ومراکز البحوث المصریة والعربیة، وذلک باللغتین العربیة والإنجلیزیة .

المؤلفون

Sadat Academy for Management Sciences

المستخلص

Abstract
SQL Injection attacks are one of the most common threats on web applications that refer to an attacker who can use vulnerability to bypass authentication for retrieving the contents of an entire database then create, delete, update or drop the whole structure. There are many methods used to repel these attacks but none of these methods have proved to work on detecting and preventing all types of SQL injection attacks which means specific method for a certain particular type. The aim of this research is to present a new method to detect and prevent the largest number of these attacks and test it against the 50 codes written by PHP and HTML languages Analysis and comparison have been carried out between the existing solutions YASCA, RIPS and WAVE, questionnaires were completed by experts such as developers and database administrators and identification of the actual risks behind these threats have all helped in addressing the best method to use in securing websites. 

الكلمات الرئيسية

الموضوعات الرئيسية