PREVENTION OF SQL INJECTION AND DATA THEFTS USING DIVIDE AND CONQUER APPROACH
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
seminar presentation
Active In SP
**

Posts: 582
Joined: Apr 2010
#1
30-05-2010, 11:30 PM



.ppt   sql injection ppt.ppt (Size: 332.5 KB / Downloads: 515)
PREVENTION OF SQL INJECTION AND DATA THEFTS USING DIVIDE AND CONQUER APPROACH
Domain : Security

Presented By:
S.Sivarama Krishnan
S.Manikandan
R.Senthil vason


Abstract

The SQL Injection provides the full unrestricted access to the malicious user. So that attackers can easily enter into the application.
The signature based method is a drawback , since the time taken to check the signature is very high
The SQL Injection access the application only by using special character
Introduction

Sql Injection:

SQL injection is an injection attack that exploits security vulnerability occurring in the database layer of an application.

Divide and Conquer:

A divide and conquer approach works by recursively breaking down a problem into two or more sub-problems of the same (or related) type, until these become simple enough to be solved directly. The solutions to the sub-problems are then combined to give a solution to the original problem.

Hirschberg algorithms

Some sql Injection for examples
The standard sql query format is :
Select * from table where UserName=Ëœramâ„¢ and Password=Ëœraviâ„¢;
Malicious user inject the following sql injection in this field as
UserName : ram
Password : anything™ or ˜1™=˜1
Select * from table where UserName=˜ram™ and Password=˜anything™ or ˜1™=˜1™;

Existing System

The SQL Injection attacks were prevented by using Signature based method.
Here the drawback is time complexity.
Next defense coding practices were done. But it is not much efficient because of the cost and complexity.

Proposed System

This approach is used for preventing the SQL Injection attack.
The SQL Injection accesses the application only by using the special characters.
So in our approach the special characters were totally avoided.

Modules

Monitoring Module
Analyzing Module
Preventing Module
Our approach

Monitoring module :

It gets the input from the web application and send it to analysis module . If analysis module finds any suspicious activity in sends error message and blocks the further transaction

SPECIFICATION :

Specifications comprise the predefined keywords and send it to analysis module for comparisons. These modules have all predefined keywords which is stored in the database.

ANALYSIS MODULE :

Analyzer module get the input from the monitoring module and it uses Hirschberg algorithm matrix for string comparison.
Data Flow Diagram

Hirschberg algorithm

Time complexity : O(nm)
Space complexity : O(min(nm))
Hirschberg algorithm
SOFTWARE & HARDWARE REQUIREMENTS

SOFTWARE REQUIREMENTS

Java1.5 or More
Tomcat 5.5
MS-SqlServer

HARDWARE REQUIREMENTS

Hard disk : 40 GB
RAM : 128mb
Processor : Pentium


REFERENCE

[1] Xiang Fu, Xin Lu, Boris Peltsverger, Shijun Chen, "A Static Analysis Framework For Detecting SQL Injection Vulnerabilities", IEEE Dynamic SQL Transaction of computer software and application conference, 2007.
[2] William G.J. Halfond, Alessandro Orso,Panagiotis Manolios, "WASP: Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation", IEEE Transaction of Software Engineering Vol 34, Nol, Twentieth January/February 2008. 2005.
[3] Konstantinos Kemalis and Theodoros Tzouramanis, "Specification [18] Xin based approach on SQL Injection detection", ACM, 2008.
Thank You
Use Search at http://topicideas.net/search.php wisely To Get Information About Project Topic and Seminar ideas with report/source code along pdf and ppt presenaion
Reply
seminar surveyer
Active In SP
**

Posts: 3,541
Joined: Sep 2010
#2
02-10-2010, 12:50 PM


.ppt   second review ppt.ppt (Size: 358.5 KB / Downloads: 290)

Abstract
-This system will provides robust security against SQL Injection and Data theft.
-In this System we are preventing the unexpected accessibility of database through the SQL Query by the help of special character.
-We introducing here divide and conquer approach to prevent the SQL injection.
Reply
seminar surveyer
Active In SP
**

Posts: 3,541
Joined: Sep 2010
#3
15-11-2010, 03:14 PM

go through the following thread too for more information on 'Prevention of SQL Injection and Data Thefts Using Divide and Conquer approach'

seminar and presentationproject and implimentationsattachment.php?aid=4832
Reply

Important Note..!

If you are not satisfied with above reply ,..Please

ASK HERE

So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page

Quick Reply
Message
Type your reply to this message here.


Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  Finding a New Approach to Measure the Operational Value of Intelligence for Military seminar flower 66 1,621 30-11-2015, 05:43 PM
Last Post: Guest
  Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing PPT project girl 1 1,027 21-10-2015, 01:52 PM
Last Post: Guest
  Data Hiding in Video using Least Bit Technique seminar tips 1 603 18-10-2014, 05:40 AM
Last Post: wayan sukadana
  data mining full report project report tiger 35 199,297 03-10-2014, 04:30 AM
Last Post: kwfEXGu
  A Novel Data Embedding Method Using Adaptive Pixel Pair Matching Report project girl 4 1,879 18-09-2014, 03:49 PM
Last Post: Radhika.m
  Cooperative Provable Data Possession for Integrity Verification in Multi-Cloud Storag seminar flower 3 3,197 23-05-2014, 10:04 AM
Last Post: seminar project topic
  Image Data Acquisition and compression using K-RLE Algorithm on Embedded ARM ppt seminar projects maker 0 617 28-09-2013, 04:36 PM
Last Post: seminar projects maker
  The Use of Interval-Related Expert Knowledge in Processing 2-D and 3-D Data seminar projects maker 0 340 26-09-2013, 02:13 PM
Last Post: seminar projects maker
  Migration of Databases – An XML Approach Abstract seminar projects maker 0 312 19-09-2013, 03:44 PM
Last Post: seminar projects maker
  Educational Multimedia Server – A Java Approach Abstract seminar projects maker 0 438 19-09-2013, 03:41 PM
Last Post: seminar projects maker