Defense against SQL Injection and Cross Site Scripting Vulnerabilities

Kirti Randhe, Vishal Mogal

Abstract: As dependence on web applications is increasing very rapidly in various fields like social networks, online services, banking, etc. Access to web applications and ease of use make them more popular in offering online services instead of in person services. Due to the presence of security weakness in web applications malicious user can easily exploit various security vulnerabilities and become reason of their failure. SQL injection attacks and cross site scripting attacks are the two most common attacks in web application. Attack prevention techniques protect the applications from attack during their execution in actual environment. Prevention and detection of intrusion is made through a deployment of reverse proxy with the intrusion and prevention mechanism which are built in against web attacks specially SQLIA. In reverse proxy user input is sanitized which may transform into a database attack. Here data cleaning algorithm is used for sanitization application. Using this method SQL injection attack as well as cross site scripting attacks are detected.

Keywords: SQL attacks, SQL injection, Cross site scripting, Sanitization, Vulnerabilities

How to Cite?: Kirti Randhe, Vishal Mogal, "Defense against SQL Injection and Cross Site Scripting Vulnerabilities", Volume 3 Issue 11, November 2014, International Journal of Science and Research (IJSR), Pages: 2198-2201, https://www.ijsr.net/getabstract.php?paperid=OCT141523, DOI: https://dx.doi.org/10.21275/OCT141523