Article Per Year (5 Year)
p-Index From 2019 - 2024
0.23
P-Index
This Author published in this journals
All Journal Indonesian Journal of Electrical Engineering and Informatics (IJEEI)
Zeinab Lashkaripour
Velayat University
Computer Science & IT Electrical & Electronics Engineering

Published : 1 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 1 Documents
Search

 1 
Web Application Reinforcement via Efficient Systematic Analysis and Runtime Validation (ESARV) Zeinab Lashkaripour
Indonesian Journal of Electrical Engineering and Informatics (IJEEI) Vol 8, No 2: June 2020
Publisher : IAES Indonesian Section

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.52549/ijeei.v8i2.1107

Abstract

Securing the data, a fundamental asset in an organization, against SQL Injection (SQLI), the most frequent attack in web applications, is vital. In SQLI, an attacker alters the structure of the actual query by injecting code via the input, and gaining access to the database. This paper proposes a new method for securing web applications against SQLI Attacks (SQLIAs). It contains two phases based on systematic analysis and runtime validation and uses our new technique for detection and prevention. At the static phase, our method removes user inputs from SQL queries and gathers as much information as possible, from static and dynamic queries in order to minimize the overhead at runtime. On the other hand, at the dynamic phase, the prepared information alongside our technique are used to check the validity of the runtime query. To facilitate the usage of our method and show our expectations in practice, ESARV was implemented. The empirical evaluations demonstrated in this paper, indicate that ESARV is efficient, accurate, effective, and also has no deployment requirements.
Co-Authors