An effective method for preventing SQL injection attack and session hijacking

Karis D'silva; J. Vanajakshi; K. N. Manjunath; Srikanth Prabhu

doi:10.1109/RTEICT.2017.8256687

An effective method for preventing SQL injection attack and session hijacking

Karis D'silva, J. Vanajakshi, K. N. Manjunath, Srikanth Prabhu

Department of Computer Science and Engineering, Manipal Institute of Technology, Manipal

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

10 Citations (Scopus)

Abstract

Today's world is very much dependent on the web applications, may it be shopping or financial transactions. Providing security to these web applications isvery important. Most of the transaction information or the customer information is stored in the backend databases for these web applications. One of the vulnerabilities of these web applications is SQL (Structured Query Language) injection attack. Also, the web application sessions are prone to session hijacking attack, if the adversary can get hold of the session id. Considering that there are various tools available to retrieve session/HTTP cookies, this makes web applications very vulnerable session hijacking attacks. Though there are many ways proposed to defend the databases against SQL injection attacks, there is no sure shot way to prevent these SQL injection attacks. This project proposes an efficient technique for the prevention of SQL injection attack and session hijacking. The hashing technique is used for implementing the preventionthese attacks.

Original language	English
Title of host publication	RTEICT 2017 - 2nd IEEE International Conference on Recent Trends in Electronics, Information and Communication Technology, Proceedings
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	697-701
Number of pages	5
Volume	2018-January
ISBN (Electronic)	9781509037049
DOIs	https://doi.org/10.1109/RTEICT.2017.8256687
Publication status	Published - 01-07-2017
Event	2nd IEEE International Conference on Recent Trends in Electronics, Information and Communication Technology, RTEICT 2017 - Bangalore, India Duration: 19-05-2017 → 20-05-2017

Conference

Conference	2nd IEEE International Conference on Recent Trends in Electronics, Information and Communication Technology, RTEICT 2017
Country/Territory	India
City	Bangalore
Period	19-05-17 → 20-05-17

All Science Journal Classification (ASJC) codes

Computer Networks and Communications
Computer Science Applications
Media Technology
Control and Optimization
Instrumentation
Transportation
Communication

Access to Document

10.1109/RTEICT.2017.8256687

Cite this

D'silva, K., Vanajakshi, J., Manjunath, K. N., & Prabhu, S. (2017). An effective method for preventing SQL injection attack and session hijacking. In RTEICT 2017 - 2nd IEEE International Conference on Recent Trends in Electronics, Information and Communication Technology, Proceedings (Vol. 2018-January, pp. 697-701). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/RTEICT.2017.8256687

@inproceedings{8d8d6f360bd242b59b85eacba0918ad8,

title = "An effective method for preventing SQL injection attack and session hijacking",

abstract = "Today's world is very much dependent on the web applications, may it be shopping or financial transactions. Providing security to these web applications isvery important. Most of the transaction information or the customer information is stored in the backend databases for these web applications. One of the vulnerabilities of these web applications is SQL (Structured Query Language) injection attack. Also, the web application sessions are prone to session hijacking attack, if the adversary can get hold of the session id. Considering that there are various tools available to retrieve session/HTTP cookies, this makes web applications very vulnerable session hijacking attacks. Though there are many ways proposed to defend the databases against SQL injection attacks, there is no sure shot way to prevent these SQL injection attacks. This project proposes an efficient technique for the prevention of SQL injection attack and session hijacking. The hashing technique is used for implementing the preventionthese attacks.",

author = "Karis D'silva and J. Vanajakshi and Manjunath, {K. N.} and Srikanth Prabhu",

year = "2017",

month = jul,

day = "1",

doi = "10.1109/RTEICT.2017.8256687",

language = "English",

volume = "2018-January",

pages = "697--701",

booktitle = "RTEICT 2017 - 2nd IEEE International Conference on Recent Trends in Electronics, Information and Communication Technology, Proceedings",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

address = "United States",

note = "2nd IEEE International Conference on Recent Trends in Electronics, Information and Communication Technology, RTEICT 2017 ; Conference date: 19-05-2017 Through 20-05-2017",

}

D'silva, K, Vanajakshi, J, Manjunath, KN & Prabhu, S 2017, An effective method for preventing SQL injection attack and session hijacking. in RTEICT 2017 - 2nd IEEE International Conference on Recent Trends in Electronics, Information and Communication Technology, Proceedings. vol. 2018-January, Institute of Electrical and Electronics Engineers Inc., pp. 697-701, 2nd IEEE International Conference on Recent Trends in Electronics, Information and Communication Technology, RTEICT 2017, Bangalore, India, 19-05-17. https://doi.org/10.1109/RTEICT.2017.8256687

An effective method for preventing SQL injection attack and session hijacking. / D'silva, Karis; Vanajakshi, J.; Manjunath, K. N. et al.
RTEICT 2017 - 2nd IEEE International Conference on Recent Trends in Electronics, Information and Communication Technology, Proceedings. Vol. 2018-January Institute of Electrical and Electronics Engineers Inc., 2017. p. 697-701.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - An effective method for preventing SQL injection attack and session hijacking

AU - D'silva, Karis

AU - Vanajakshi, J.

AU - Manjunath, K. N.

AU - Prabhu, Srikanth

PY - 2017/7/1

Y1 - 2017/7/1

N2 - Today's world is very much dependent on the web applications, may it be shopping or financial transactions. Providing security to these web applications isvery important. Most of the transaction information or the customer information is stored in the backend databases for these web applications. One of the vulnerabilities of these web applications is SQL (Structured Query Language) injection attack. Also, the web application sessions are prone to session hijacking attack, if the adversary can get hold of the session id. Considering that there are various tools available to retrieve session/HTTP cookies, this makes web applications very vulnerable session hijacking attacks. Though there are many ways proposed to defend the databases against SQL injection attacks, there is no sure shot way to prevent these SQL injection attacks. This project proposes an efficient technique for the prevention of SQL injection attack and session hijacking. The hashing technique is used for implementing the preventionthese attacks.

AB - Today's world is very much dependent on the web applications, may it be shopping or financial transactions. Providing security to these web applications isvery important. Most of the transaction information or the customer information is stored in the backend databases for these web applications. One of the vulnerabilities of these web applications is SQL (Structured Query Language) injection attack. Also, the web application sessions are prone to session hijacking attack, if the adversary can get hold of the session id. Considering that there are various tools available to retrieve session/HTTP cookies, this makes web applications very vulnerable session hijacking attacks. Though there are many ways proposed to defend the databases against SQL injection attacks, there is no sure shot way to prevent these SQL injection attacks. This project proposes an efficient technique for the prevention of SQL injection attack and session hijacking. The hashing technique is used for implementing the preventionthese attacks.

UR - http://www.scopus.com/inward/record.url?scp=85046262358&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85046262358&partnerID=8YFLogxK

U2 - 10.1109/RTEICT.2017.8256687

DO - 10.1109/RTEICT.2017.8256687

M3 - Conference contribution

VL - 2018-January

SP - 697

EP - 701

BT - RTEICT 2017 - 2nd IEEE International Conference on Recent Trends in Electronics, Information and Communication Technology, Proceedings

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2nd IEEE International Conference on Recent Trends in Electronics, Information and Communication Technology, RTEICT 2017

Y2 - 19 May 2017 through 20 May 2017

ER -

D'silva K, Vanajakshi J, Manjunath KN , Prabhu S. An effective method for preventing SQL injection attack and session hijacking. In RTEICT 2017 - 2nd IEEE International Conference on Recent Trends in Electronics, Information and Communication Technology, Proceedings. Vol. 2018-January. Institute of Electrical and Electronics Engineers Inc. 2017. p. 697-701 doi: 10.1109/RTEICT.2017.8256687

An effective method for preventing SQL injection attack and session hijacking

Abstract

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this