Abstract:
Web applications form an integral part of our day-to-day life. The number of attacks on
websites and the compromise of many individuals' secure data are increasing at an alarming
rate. With the advent of social networking and e-commerce, web security attacks such as
phishing and spamming have become quite common. The consequences of these attacks
are severe. Hence, providing increased security for users and their data
becomes essential. The most important vulnerability described in the top 10 web security issues
by the Open Web Application Security Project is the SQL Injection Attack (SQLIA). This paper
focuses on how the advantages of randomization can be employed to prevent SQL injection
attacks in web-based applications. SQL injection can be used to gain unauthorized access to a
database, to penetrate the application illegally, and to modify the database or even remove it. For a
hacker to modify a database, details such as field and table names are required. We
propose a solution to this problem that prevents it using an encryption algorithm based
on randomization; another solution uses the Hirschberg algorithm, a divide-and-conquer
approach that reduces time and space complexity. It has better performance and provides
increased security in comparison to the existing solutions. Also, cracking the
database takes more time when techniques such as dictionary and brute-force attacks are
deployed. Our main aim is to provide increased security by developing a tool that prevents
illegal access to the database.