Open AccessComponent based Web Application Firewall for Analyzing and Defending SQL Injection Attack Vectors
Author(s) -
Prabhat Bisht*,
Manmohan Singh Rauthan,
Raj Kishor Bisht
Publication year - 2019
Publication title -
international journal of recent technology and engineering
Language(s) - English
Resource type - Journals
ISSN - 2277-3878
DOI - 10.35940/ijrte.c4674.098319
Subject(s) - computer science , application firewall , computer security , web service , replay attack , database , web application security , world wide web , sql injection , stateful firewall , web development , web search query , query by example , authentication (law) , network packet , search engine
Structured query language injection is a top rated vulnerability by open web application security project community. If a web application has structured query language vulnerability in source code, then such application is prone to cyber-attacks, leading to attack on confidentiality, integrity and availability. Attackers are always ready to exploit structured query language injection vulnerabilities by executing various online attack vectors and many times successfully bypass authentication and authorization to gain privilege access on web and database server leading to service interruption, data interception, modification, fabrication and sometime complete deletion of database. The present paper is an attempt to propose an advance component based web application firewall to enhance web application security by mitigating structured query language injection attack vectors by analyzing hypertext transfer protocol request variables through analyzer component and defending injection attack through defender component based on content policy installed on advance web application firewall.