Browse By Repository:

 
 
 
   

SQL injection performance analysis

Chai, Rou Sin (2021) SQL injection performance analysis. Project Report. Universiti Teknikal Malaysia Melaka, Melaka, Malaysia. (Submitted)

[img] Text (24 Pages)
SQL injection performance analysis.pdf - Submitted Version
Download (289kB)
[img] Text (Full Text)
SQL injection performance analysis.pdf - Submitted Version
Restricted to Repository staff only
Download (5MB)

Abstract

Internet technology is a popular information infrastructure in today's business and education worlds. By employing modern science and technology, Web developers produce a variety of web applications or websites for the ease of our everyday lives in numerous fields. However, the ignorance of basic protection and privacy concerns is a critical problem for web developers and causes the attackers grab the opportunity to take malicious actions on these web applications. Thus, SQL injection attack has been identified as one of the most common threats to most web applications today. This attack is a vulnerability to web security that enables an attacker to interact with the requests made to his database by an application. Besides, this kind of hacking technique requires entry point to execute which include Dynamic SQL, modifications of URL Strings, web or application forms, employee abuse of limited access and error messages. The users who lack of acknowledge are easier became the victims of SQL Injection. In this research, it will be mainly focused on the performance of SQL injection on a prototype website and the effectiveness of the prevent approach implemented. There are three ways of SQL injection applied which are Tautologies, Union Queries and SQLMAP while the prevention is inserting mysqli_real_escape_string() function inside the source code of the prototype website. Along this research, these three techniques of SQL injection are success implemented and they are managed to retrieve the data from the hidden database server with bypassing all the authentication on the website. In addition, the prevention utilized is worked on Tautologies and Union queries attack. In short, this research outlines the performance analysis on SQL injection before and after applying the prevention

Item Type: Final Year Project (Project Report)
Uncontrolled Keywords: Tautologies, Union queries, SQLMAP, Prevention, SQL injection
Divisions: Library > Final Year Project > FTMK
Depositing User: Norfaradilla Idayu Ab. Ghafar
Date Deposited: 23 May 2023 05:40
Last Modified: 23 May 2023 05:40
URI: http://digitalcollection.utem.edu.my/id/eprint/27355

Actions (login required)

View Item View Item
Download Statistics

Downloads

Downloads per month over past year
 
UNIVERSITI TEKNIKAL MALAYSIA MELAKA DIGITAL COLLECTION is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.