Thursday, February 13, 2020

Methods of Identifying and Preventing SQL Attacks Research Paper

The other sections cover the preventive methods, which are also discussed with illustrations using diagrams.

Keywords: SQLIA, WebSSARI, WAVE, AMNESIA, SQL DOM, tautology

Introduction

Many companies and organizations rely on web applications to provide services such as online banking and shopping to their users, and these applications in turn depend on a backend database. Because the databases hold confidential information such as customers' financial records, the applications are frequent targets for attackers. An attack that manipulates the SQL sent to the database is referred to as SQL injection; it gives attackers unauthorized access to the databases underlying web applications (Huang, Yu, Hang, and Tsai 148), allowing them to leak, modify, and delete the stored information, with serious consequences for the organization. This paper discusses issues related to the detection and prevention of SQL attacks.

Commercial and governmental institutions are the common victims of SQL injection attacks (SQLIAs), and the root cause is insufficient input validation: the vulnerability arises when a web application receives user input and uses it to build a database query without adequately validating it, giving an attacker the chance to exploit the flaw. Vulnerability to SQL injection has been regarded as the most serious threat to a web application (Wassermann and Su 78). Because it grants the attacker access to the underlying database, and because the information in that database is sensitive, a successful injection is a direct security violation.
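The following is an added example, not code from the paper or from any of the works it cites. It is a small Python script using the standard sqlite3 module that shows the flaw described above: the same login query built once by string concatenation and once as a parameterized query. The customers table, its columns, the sample rows and the function names are constructed for the illustration. The payload ' OR '1'='1 is the tautology named in the keywords; the second payload closes the username string and comments out the rest of the WHERE clause.

```python
import sqlite3

# Constructed sample data standing in for the confidential records the paper
# describes. The customers table, its columns and these rows are assumptions
# made for this example, not taken from any real application.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE customers (id INTEGER, username TEXT, password TEXT, balance REAL)"
    )
    conn.executemany(
        "INSERT INTO customers VALUES (?, ?, ?, ?)",
        [(1, "alice", "s3cret", 1200.50), (2, "bob", "hunter2", 75.00)],
    )
    return conn


def login_vulnerable(conn, username, password):
    # The query is assembled by string concatenation, so whatever the user typed
    # becomes part of the SQL text and can change the meaning of the statement.
    sql = (
        "SELECT id FROM customers WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return sorted(row[0] for row in conn.execute(sql))


def login_safe(conn, username, password):
    # Parameterized query: the SQL text is fixed and the values travel separately,
    # so the input is compared as data and can never alter the WHERE clause.
    sql = "SELECT id FROM customers WHERE username = ? AND password = ?"
    return sorted(row[0] for row in conn.execute(sql, (username, password)))


# Two classic payloads. The tautology turns the WHERE clause into
#   ... AND password = '' OR '1'='1'
# which is true for every row. The comment payload closes the string and
# turns the password check into an SQL comment.
TAUTOLOGY = "' OR '1'='1"
COMMENT = "alice'--"


def demo():
    conn = make_db()
    return {
        "legit_vulnerable": login_vulnerable(conn, "alice", "s3cret"),
        "tautology_vulnerable": login_vulnerable(conn, "anyone", TAUTOLOGY),
        "comment_vulnerable": login_vulnerable(conn, COMMENT, "wrong"),
        "legit_safe": login_safe(conn, "alice", "s3cret"),
        "tautology_safe": login_safe(conn, "anyone", TAUTOLOGY),
        "comment_safe": login_safe(conn, COMMENT, "wrong"),
    }


if __name__ == "__main__":
    for name, ids in demo().items():
        print(f"{name}: {ids}")
```

With the concatenated query the tautology payload authenticates as every customer at once and the comment payload logs in as alice without a password; the parameterized version returns no rows for either payload while still accepting the genuine credentials.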
The implications of SQL injection include loss of credentials, theft, and fraud; in some cases the attacker is able to use the vulnerability to gain control of, and corrupt, the system hosting the web application. The diagram illustrates an SQL injection in which an attacker uses a client to pass through the firewall into the web application, gains access to the SQL server, and discloses sensitive application data.

Methods of Identifying SQL Attacks

Numerous methods can be applied to detect SQL injection attacks. One of them is an Intrusion Detection System (IDS) based on a machine learning technique and a set of the application's typical queries. The technique builds a model of the typical queries and monitors the application at runtime to identify queries that do not match the model (Pietraszek and Vanden 2). This gives the system the ability to detect attacks effectively, but learning-based techniques have a basic demerit: they offer no guarantee about their detection abilities, which depend on the quality of the training set used. A poor training set can cause the learning technique to generate large numbers of false positives and false negatives (Valeur, Mutz, and Vigna 40). The diagram shows the placement of the IDS: two sensors are located on either side of the firewall so that an intrusion from the Internet can be detected both before and after it penetrates the firewall.
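As an added illustration, not code from the paper or from the systems it cites, the following Python sketch implements the learning-based idea in miniature: each query is reduced to a skeleton by replacing its literals with a placeholder, the model is the set of skeletons observed in a training set, and any runtime query whose skeleton was never seen is flagged. The training queries, the runtime traffic and the table and column names are constructed for the example. The demo function also exhibits the caveat from the text: a training set that misses a legitimate query shape produces a false positive, and one polluted with an attack produces a false negative.

```python
import re

# Training set: queries recorded while the application was exercised
# legitimately. Constructed for this example; the shapes mimic the login and
# balance lookups of a small banking-style web application.
TRAINING_QUERIES = [
    "SELECT id FROM customers WHERE username = 'alice' AND password = 's3cret'",
    "SELECT id FROM customers WHERE username = 'bob' AND password = 'hunter2'",
    "SELECT balance FROM customers WHERE id = 1",
    "SELECT balance FROM customers WHERE id = 2",
]

_STRING_LITERAL = re.compile(r"'(?:[^']|'')*'")
_NUMERIC_LITERAL = re.compile(r"\b\d+(?:\.\d+)?\b")


def skeleton(sql):
    """Reduce a query to its structure by replacing every literal with '?'.

    Two legitimate logins differ only in their literals, so they share a
    skeleton; an injected tautology adds an extra OR comparison, so its
    skeleton is one the model has never seen.
    """
    s = _STRING_LITERAL.sub("?", sql)
    s = _NUMERIC_LITERAL.sub("?", s)
    return re.sub(r"\s+", " ", s).strip().upper()


def train(queries):
    """The model is simply the set of skeletons observed in the training set."""
    return {skeleton(q) for q in queries}


def is_anomalous(model, sql):
    """Runtime check: a query whose skeleton was never seen in training is flagged."""
    return skeleton(sql) not in model


def evaluate(model, labelled):
    """Count false positives and false negatives over (sql, is_attack) pairs."""
    false_positives = false_negatives = 0
    for sql, is_attack in labelled:
        flagged = is_anomalous(model, sql)
        if flagged and not is_attack:
            false_positives += 1
        if not flagged and is_attack:
            false_negatives += 1
    return false_positives, false_negatives


TAUTOLOGY_ATTACK = (
    "SELECT id FROM customers WHERE username = 'anyone' AND password = '' OR '1'='1'"
)

# Labelled runtime traffic, constructed for the example: two legitimate queries
# carrying literals never seen in training, and one tautology attack.
RUNTIME_TRAFFIC = [
    ("SELECT id FROM customers WHERE username = 'carol' AND password = 'pw9'", False),
    ("SELECT balance FROM customers WHERE id = 7", False),
    (TAUTOLOGY_ATTACK, True),
]


def demo():
    # Good model: trained on the full legitimate workload.
    good = train(TRAINING_QUERIES)
    # Poor model: the balance lookup was never exercised during training, and an
    # attack slipped into the recording. Incomplete coverage yields a false
    # positive; a polluted set yields a false negative.
    poor = train([TRAINING_QUERIES[0], TAUTOLOGY_ATTACK])
    return {
        "good": evaluate(good, RUNTIME_TRAFFIC),
        "poor": evaluate(poor, RUNTIME_TRAFFIC),
    }


if __name__ == "__main__":
    for name, (fp, fn) in demo().items():
        print(f"{name} model: {fp} false positive(s), {fn} false negative(s)")
```

The exact-match set of skeletons is the simplest form of the idea; the systems the paper cites build richer models of the literals and of the query structure, but the dependence on training-set quality that the text warns about is already visible here, since the detector can only recognise what it was shown.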
