SQL Injection detection and preventive approach for web applications
Abstract
Web applications are presently the most widely used means of global communication, serving long-distance communication, online marketing, research and development, distance learning, e-banking and social media networks. Because they are open to the global community and accessible to anyone, web applications face numerous security issues, particularly from web-based cyber-attacks. SQL injection is among the most prevalent web-based cyber-attacks globally and belongs to the high-rank classifications. As the number of global online services grows at a high rate, SQL injection attacks are also increasing rapidly. Most SQL injection attacks succeed because of a lack of proper validation, and a successful attack seriously compromises the integrity, availability and confidentiality of databases. There is therefore a vital global requirement to overcome SQL injection attacks. Accordingly, this work has three key objectives. The first is to detect SQL injection attacks affecting web servers. The second is to explore a preventive solution for SQL injection attacks affecting web servers. The third is to share knowledge on SQL injection attacks with other researchers.
To address these issues, the adopted methodology was a PHP-based programme that runs periodically and continuously, identifies patterns of SQL injection attacks recorded in PHP Apache log files, and blocks the suspicious IP addresses it identifies. Statistics on the total suspicious IP addresses and the blacklisted IP addresses, with their hit counts and times, were obtained while the blacklisted IP addresses were prevented from accessing the Apache web server. The proposed solution provides continuous monitoring of suspicious activity and automatically blocks suspicious hosts by IP address, securing web servers against SQL injection attacks.
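The log-scanning approach described above can be illustrated with the following added example, which is not the paper's programme: it is written in Python rather than PHP, and its signatures, threshold of three hits, Apache combined log format, `Require not ip` blocking output and sample log lines are all assumptions, since the abstract does not specify them.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Assumed signatures and threshold; the abstract does not list the tool's own.
SQLI = re.compile(
    r"\bunion\b.{0,40}\bselect\b|\bor\b\s+\d+\s*=\s*\d+"
    r"|\b(?:sleep|benchmark)\s*\(|information_schema",
    re.IGNORECASE,
)
# Apache common/combined log format: client IP, timestamp, request target.
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)[^"]*"')
THRESHOLD = 3

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /item.php?id=1%27%20OR%201%3D1--%20 HTTP/1.1" 200 512',
    '203.0.113.7 - - [10/Oct/2023:13:55:40 +0000] "GET /item.php?id=1+UNION+SELECT+user,pass+FROM+users HTTP/1.1" 200 734',
    '203.0.113.7 - - [10/Oct/2023:13:55:44 +0000] "GET /item.php?id=1%2527%20AND%20SLEEP(5) HTTP/1.1" 200 512',
    '198.51.100.4 - - [10/Oct/2023:13:56:02 +0000] "GET /item.php?id=2+or+1=1 HTTP/1.1" 200 512',
    '198.51.100.9 - - [10/Oct/2023:13:56:10 +0000] "GET /search.php?q=trade+union+history HTTP/1.1" 200 901',
    '198.51.100.9 - - [10/Oct/2023:13:56:12 +0000] "GET /index.php HTTP/1.1" 200 1200',
]

def scan(lines, threshold=THRESHOLD):
    """Return ({ip: [timestamps of suspicious hits]}, sorted blacklist)."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # skip malformed lines rather than guessing
        ip, when, target = m.groups()
        # Decode twice so double-encoded payloads (%2527) are still seen.
        decoded = unquote_plus(unquote_plus(target))
        if SQLI.search(decoded):
            hits[ip].append(when)
    blacklist = sorted(ip for ip, seen in hits.items() if len(seen) >= threshold)
    return dict(hits), blacklist

def deny_rules(blacklist):
    """Render Apache 2.4 'Require not ip' lines for an include file."""
    return "\n".join(f"Require not ip {ip}" for ip in blacklist)

if __name__ == "__main__":
    hits, blacklist = scan(SAMPLE_LOG)
    for ip, seen in hits.items():
        print(ip, len(seen), "hits, last at", seen[-1])
    print(deny_rules(blacklist))
```

Keeping the suspicious set separate from the blacklist, as the abstract's statistics do, lets a single false-positive match be reviewed without blocking the client. Log scanning of this kind sees only the request line, so payloads sent in POST bodies are outside its view.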