Query Parsing at the Application Layer to Prevent SQL Injection

  • Topic: SQL, SQL injection, Microsoft SQL Server
  • Pages : 5 (1324 words )
  • Published : May 18, 2011
Query Parsing at the Application Layer to Prevent SQL Injection
Presented by Saurabh Jain
---------------------------------------------------------------------------------------------------------------------

Abstract
SQL injection is a code injection technique that exploits a security vulnerability in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string-literal escape characters embedded in SQL statements or is not strongly typed, so that the input is unexpectedly executed as SQL. Because the attacker's code enters through the application, the idea behind preventing SQL injection is to analyze the query at the application layer so that the vulnerable code never gets executed. We have observed that a small piece of code injected through the application can let a user bypass the login system. We therefore analyze the code at the application layer: if any malicious SQL statements are present, the application stops that code from being executed by the SQL server. The objective of the project is to design a secure layer at the application level through which the whole SQL query is parsed and analyzed to see whether it contains any SQL injection code; if it does, the query is not executed by the SQL server. The query must be filtered at the application layer before it is sent to the database server. The scope is to develop a secure algorithm that analyzes the query before it is executed. The algorithm acts as a secure layer through which the query passes and is checked for malicious SQL injection code.

Introduction

Databases are used in almost all applications nowadays; we focus mainly on web applications that use MS SQL Server or MySQL Server as the database. A small piece of code can be inserted through the application while entering basic details, and it can be malicious SQL code which, when executed, extracts classified information that a normal user should not be able to see. Because the attacker's code enters through the application, the idea behind preventing SQL injection is to analyze the query at the application layer so that the vulnerable code never gets executed: a secure layer at the application level parses and analyzes the whole SQL query to see whether it contains any SQL injection code, and if it does, the query is not executed by the SQL server. The primary form of SQL injection consists of direct insertion of code into user-input variables that are concatenated with SQL commands and executed. A less direct attack injects malicious code into strings that are destined for storage in a table or as metadata. When the stored strings are subsequently concatenated into a dynamic SQL command, the malicious code is executed. The injection process works by prematurely terminating a text string and appending a new command. Because the inserted command may have additional strings appended to it before it is executed, the malefactor terminates the injected string with the comment mark "--". Subsequent text is ignored at execution time.

Threat Modeling

• SQL injection attacks allow attackers to spoof identity, tamper with existing data, cause repudiation issues such as voiding transactions or changing balances, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server.

• SQL injection is very common with PHP and ASP applications due to the prevalence of older functional interfaces. Due to the nature of the programmatic interfaces available, J2EE and ASP.NET applications are less likely to have easily exploited SQL injections.

• The severity of SQL Injection attacks is limited by the attacker’s skill and imagination, and to a lesser extent, defense in depth countermeasures, such as low privilege...
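One way to realise the application-layer check the abstract and introduction describe, as an added example that is not part of the original paper: the query the application is about to send is reduced to its token structure and released only if that structure matches the template's, so a quote that terminates the literal early, an appended condition, or a "--" comment mark changes the shape and the query is rejected. The login query, table and column names are constructed for the example, and the escaping helper shows that properly quoted input keeps the structure intact, which is the property parameterised queries give for free.

```python
import re

# Tokenizer for the subset of SQL the check needs: single-quoted literals
# (with the '' escape), -- and /* */ comments, words/numbers, and punctuation.
TOKEN = re.compile(r"'(?:[^']|'')*'|--[^\n]*|/\*.*?\*/|\w+|\S", re.S)


def skeleton(sql: str) -> list[str]:
    """Reduce a query to its structure: literal values and numbers become
    placeholders so only the statement's shape remains for comparison."""
    shape = []
    for tok in TOKEN.findall(sql):
        if len(tok) >= 2 and tok[0] == "'" and tok[-1] == "'":
            shape.append("LIT")
        elif tok.startswith(("--", "/*")):
            shape.append("COMMENT")
        elif tok.isdigit():
            shape.append("NUM")
        else:
            shape.append(tok.upper())
    return shape


def quote_literal(value: str) -> str:
    """Escape a value for a single-quoted SQL literal by doubling quotes."""
    return "'" + value.replace("'", "''") + "'"


def build_login_query(user: str, password: str, escape: bool = False) -> str:
    """Constructed login query built by concatenation, as the paper describes.
    With escape=True the values are quoted safely before concatenation."""
    if escape:
        u, p = quote_literal(user), quote_literal(password)
    else:
        u, p = f"'{user}'", f"'{password}'"
    return f"SELECT id FROM users WHERE name = {u} AND pw = {p}"


# Shape every legitimate login query must have: one literal per user input.
TEMPLATE = build_login_query("?", "?")


def is_safe_query(sql: str, template: str = TEMPLATE) -> bool:
    """Application-layer gate: the query may go to the database only if its
    structure matches the template. Input that breaks out of its literal (an
    added OR, a comment mark, a second statement) changes the shape; so does
    an unescaped apostrophe in a legitimate name, which is why values must be
    quoted properly or, better, passed as parameters."""
    return skeleton(sql) == skeleton(template)
```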