Enhancing website security through prevention of SQL and data inference injections
Department of ECE, Visvesvaraya Technological University, Belagavi, Karnataka, India.
Research Article
World Journal of Advanced Research and Reviews, 2022, 13(03), 673-678
Publication history:
Received on 11 February 2022; revised on 24 March 2022; accepted on 29 March 2022
Abstract:
The widespread use of web applications for handling sensitive personal information makes them a primary target for cyberattacks. SQL Injection and Data Inference attacks, in particular, represent critical vulnerabilities that exploit an application's database layer. This paper proposes a multi-layered security framework to mitigate these threats through advanced optimization and encryption techniques. We introduce a query tree mechanism for real-time attack detection, designed to analyze the structure of user queries and identify malicious patterns. To further enhance security, we propose the implementation of Fully Homomorphic Encryption (FHE), an advanced cryptographic method that allows for computations on encrypted data. This dual approach of proactive detection and robust encryption aims to create a resilient defense, significantly improving the security posture of web applications against sophisticated data-level attacks.
Keywords:
Web Application Security; SQL Injection; Data Inference Attacks; Query Tree Mechanism; Real-Time Attack Detection; Fully Homomorphic Encryption; Encryption Techniques; Cybersecurity Defense
Full text article in PDF:
Copyright information:
Copyright © 2022 Author(s) retain the copyright of this article. This article is published under the terms of the Creative Commons Attribution Liscense 4.0