Effectiveness of structured query language injection attacks detection mechanisms
Database security is one of the most essential factors in keeping stored information safe. These days, web applications are used widely as a meddler between computer users. Web applications are also used mostly by e-commerce companies, and these types of applications need a secured database in order...
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2008
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/9510/ http://eprints.utm.my/9510/1/NurulZawiyahMohamadMFSKSM2008.pdf |
| _version_ | 1848891866343276544 |
|---|---|
| author | Mohamad, Nurul Zawiyah |
| author_facet | Mohamad, Nurul Zawiyah |
| author_sort | Mohamad, Nurul Zawiyah |
| building | UTeM Institutional Repository |
| collection | Online Access |
| description | Database security is one of the most essential factors in keeping stored information safe. These days, web applications are used widely as a meddler between computer users. Web applications are also used mostly by e-commerce companies, and these types of applications need a secured database in order to keep sensitive and confidential information. Since SQL injection attacks occurred as a new way of accessing database through the application rather than directly through the database itself, they have become popular among hackers and malicious users. Many prevention and detection mechanisms are developed to handle this problem but these mechanisms have their limitations. In this study, two mechanisms, AMNESIA and SQL Guard are adopted for a practical evaluation to search for the better technique in detecting SQL injection attacks. These techniques will be called Technique A and Technique B respectively and will be evaluated on their effectiveness and efficiency using precision and recall measure against two web applications, Mekar and myMarket. The study will show that Technique B is a better approach on detecting SQL injection attacks. |
| first_indexed | 2025-11-15T21:04:46Z |
| format | Thesis |
| id | utm-9510 |
| institution | Universiti Teknologi Malaysia |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T21:04:46Z |
| publishDate | 2008 |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | utm-95102018-07-19T01:51:07Z http://eprints.utm.my/9510/ Effectiveness of structured query language injection attacks detection mechanisms Mohamad, Nurul Zawiyah QA75 Electronic computers. Computer science Database security is one of the most essential factors in keeping stored information safe. These days, web applications are used widely as a meddler between computer users. Web applications are also used mostly by e-commerce companies, and these types of applications need a secured database in order to keep sensitive and confidential information. Since SQL injection attacks occurred as a new way of accessing database through the application rather than directly through the database itself, they have become popular among hackers and malicious users. Many prevention and detection mechanisms are developed to handle this problem but these mechanisms have their limitations. In this study, two mechanisms, AMNESIA and SQL Guard are adopted for a practical evaluation to search for the better technique in detecting SQL injection attacks. These techniques will be called Technique A and Technique B respectively and will be evaluated on their effectiveness and efficiency using precision and recall measure against two web applications, Mekar and myMarket. The study will show that Technique B is a better approach on detecting SQL injection attacks. 2008-10 Thesis NonPeerReviewed application/pdf en http://eprints.utm.my/9510/1/NurulZawiyahMohamadMFSKSM2008.pdf Mohamad, Nurul Zawiyah (2008) Effectiveness of structured query language injection attacks detection mechanisms. Masters thesis, Universiti Teknologi Malaysia, Faculty of Computer Science and Information System. http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:856?site_name=Restricted Repository |
| spellingShingle | QA75 Electronic computers. Computer science Mohamad, Nurul Zawiyah Effectiveness of structured query language injection attacks detection mechanisms |
| title | Effectiveness of structured query language injection attacks detection mechanisms |
| title_full | Effectiveness of structured query language injection attacks detection mechanisms |
| title_fullStr | Effectiveness of structured query language injection attacks detection mechanisms |
| title_full_unstemmed | Effectiveness of structured query language injection attacks detection mechanisms |
| title_short | Effectiveness of structured query language injection attacks detection mechanisms |
| title_sort | effectiveness of structured query language injection attacks detection mechanisms |
| topic | QA75 Electronic computers. Computer science |
| url | http://eprints.utm.my/9510/ http://eprints.utm.my/9510/ http://eprints.utm.my/9510/1/NurulZawiyahMohamadMFSKSM2008.pdf |