NUST Institutional Repository

Preventing SQL Injection

Show simple item record

dc.contributor.author Sumana Sattar
dc.date.accessioned 2020-11-03T15:01:29Z
dc.date.available 2020-11-03T15:01:29Z
dc.date.issued 2007
dc.identifier.uri http://10.250.8.41:8080/xmlui/handle/123456789/9217
dc.description Supervisor: Mr. Sheharzad Khattak en_US
dc.description.abstract SQL injections are hacking techniques through which hackers gain unauthorized access to the database. It has been declare as one of the most serious threat to web-base application. Not only the web-base application but all the applications which have dynamically generated SQL queries are vulnerable to SQL injections. SQL injections are of many types it all depend upon the creativity of the hacker how he wants to attack the database. But mainly it has been classified as four types: Select, Update, Authorization bypass and Insert. Lot of research has been carried out and many solutions have been proposed but all the solutions have some limitations. The best solution ever proposed is parse tree technique. Parse Tree technique has been implemented in this project. The basic concept behind the Parse Tree is that it dynamically generates two parse trees from SQL query. One with user input and other without user input And compare at run time If they are equal it will be consider as safe query and it will be allowed to access the database. Otherwise it will be consider as an SQL injection attack and It will not further be proceed. en_US
dc.publisher SEECS, National University of Sciences and Technology, Islamabad en_US
dc.subject Information Technology en_US
dc.title Preventing SQL Injection en_US
dc.type Thesis en_US


Files in this item

This item appears in the following Collection(s)

  • BS [440]

Show simple item record

Search DSpace


Advanced Search

Browse

My Account