TJES: Ablahd AZ, Dawwod SA .Using Flask for SQLIA Detection and Protection . Tikrit Journal of Engineering Sciences 2020; 27(2): 1- 14.
References
[1] Huang, Yao-Wen, et al. Securing web application code by static analysis and runtime protection Proceedings of the 13th international conference on World Wide Web. ACM ,2004.
[2] Boyd, Stephen W., and Angelos D. Keromytis. Preventing SQL injection attacks. International Conference on Applied Cryptography and Network Security. Springer Berlin Heidelberg,2004.
[3] Kemalis, Konstantinos, and Theodores Tzouramanis. SQL-IDS: a specification-based approach for SQL-injection detection. Proceedings of the ACM, 2008.
[4] Junjin, Mei. An approach for SQL injection vulnerability detection. ITNG\\\’09. International Sixth Conference on. IEEE. Justin Clarke. (2009). SQL Injection attacks and defense. Burlington, Mass:Syngress Pub,2009.
Tikrit Journal of Engineering Sciences (2020) 27(2) 1- 14.
Using Flask for SQLIA Detection and Protection
Ann Z..Ablahd *1 Suhair A..Dawwod 2
DOI: http://dx.doi.org/10.25130/tjes.27.2.01
Abstract
At present the web applications are used for most of the life activities, these applications are affected by an attack called (Structure Query Language Injection Attack) SQLIA due to the vulnerabilities of the web application. The vulnerabilities of the web application are increased because most of application developers do not care to security in designing.SQL injection is a common attack that infects a web application. The attacker adds (Structured Query Language) SQL code to web page for accessing and changing victim databases.The vital step in securing the database and detecting such an attack in web apps is preparing a tool. Many researchers propose different ways for detection and prevention of such as an attack. In this paper a tool it proposed using a powerful micro-framework web application designer called Flask in Python 3.7 to detect and prevent such attacks. The proposed system is called SQLIAD. SQLIAD analyzed a web application on-line.
8050 Downloads |
Keywords: SQL injection, Flask, vulnerability, Web application, Python, Django
Related Articles