To search, Click below search items.


All Published Papers Search Service


A Novel Intrusion Detection and Prevention Model for SQL Injection Attacks


Malik Rizwan Ali Muhammad Sheraz Arshad Malik Noureen Hameed Faizan Tahir


Vol. 19  No. 8  pp. 91-97


SQL Injection Attack (SQLIA) is a hot issue now a days in web applications and databases. SQL Injection ignores the authentication checks and affects the confidentiality of the database. SQLIA helps the invader to get the unauthorized access of the whole database and manipulate it. The existing tools and techniques like SQLRand, CANID, AMNESIA and SQL DOM mainly focus on providing access to the database only to the authenticated users. These tools do not provide complete prevention measures against the SQLIA. In this research, a novel Intrusion Detection and Prevention System (IDPMIA) is introduced. The proposed IDPMIA will detect the malicious queries before execution. Whenever an attacker tries to inject a suspicious query, it would immediately be recognized by IDPMIA and preventive measures will be taken. The proposed approach will be justified through case studies where multiple SQL Injection attacks will be simulated and results will be analyzed using the proposed model and existing state of the art techniques from literature.


Intrusion Detection & Prevention Model (IDPMIA), SQL, SQLIA