A Proactive Approach for Detecting SQL and XSS Injection Attacks

A Proactive Approach for Detecting SQL and XSS Injection Attacks

연구 분야: Databases

학회: 2024 3rd International Conference on Applied Artificial Intelligence and Computing (ICAAIC)

As web applications increasingly become integral to everyday life, ensuring their security is paramount. The importance of his cannot be overstated, as web attacks have seen a dramatic increase, primarily due to insufficient input validation mechanisms. Specifically, focused on the threat posed by injection vulnerabilities, including both SQL injection and cross-site scripting (XSS) injections. Despite the widespread awareness of these vulnerabilities and the availability of methods to prevent them, a significant number of developers still lack the necessary security training and awareness. This leaves a vast number of websites vulnerable to attacks, compromising user data and integrity. In response to this challenge, introducing a novel approach: an automated vulnerability scanner designed to specifically target and identify these types of injection attacks. By focusing on SQL injection and XSS vulnerabilities, this system aims to enhance the security of the web landscape, which is continually expanding and evolving. The scanner works by automatically analyzing websites to detect potential exploitable vulnerabilities in their input validation processes. Beyond merely identifying these vulnerabilities, this system also suggests prevention methods. These strategies help the developers to mitigate and identify risks, thereby safe guarding websites against such attacks. Proposed solution contributes significantly to the field of web application security and protect countless cyberattacks.