Prevention of SQL Injection Attack by Using Black Box Testing

Prevention of SQL Injection Attack by Using Black Box Testing

연구 분야: Strategies

학회: ICDCN '22: Proceedings of the 23rd International Conference on Distributed Computing and Networking

SQL injection attacks are diverse and have fast variations, making it convenient to handle them. An SQL attack can affect the entire system to a great extent, adversely affecting the website, as well as data loss and leaking. In the past, enormous efforts have been put forth into handling the attack. This attack consists of a variety of heterogeneous components, which has always made research a challenging attempt. A web application injection attack allows hackers to gain control of a web application by entering invalid input. In the past, researchers found that many applications were vulnerable to such attacks as a result of less efficient entry validation. We propose an automated black box testing program for automating the task of SQL Injection Vulnerability to eradicate SQL injection attacks. The SQLIV is automatically assessed when such attacks are carried out. Also, it uses object-oriented methodology to develop the SQLIV Scanner so that false +ve and -ve results can be reduced. The algorithm’s performance can be compared with existing algorithms and an experimental analysis can be conducted to test and validate its results. A new algorithm is expected to provide more accurate results.