CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
Cryptoghaphy
1. A DISSERTATION STAGE I REPORT
ON
Web services based SQL Injection Detection and Prevention
SUBMITTED TO
THE UNIVERSITY OF PUNE, PUNE
IN PARTIAL FULFILMENT OF THE REQUIREMENTS
FOR THE AWARD OF DEGREE
Master of Engineering (Computer Engineering)
By
Candidate Name:BODAKE VIJAY JAGANNATH Exam no.:
UNDER THE GUIDANCE OF
Prof. Ranjit Gawande
DEPARTMENT OF COMPUTER ENGINEERING
Matoshri College of Engineering and Research Centre,
Nashik Eklahare, Near OdhaGaon, Aurangabad Road,
Nashik
Pin No.:422135
University of Pune
2014-15
2. DEPARTMENT OF COMPUTER ENGINEERING
Matoshri Education Society’s
Matoshri College of Engineering and Research Centre,Nashik
Eklahare,Near Odha Gaon,Aurangabad Road,Nashik
CERTIFICATE
This is to certify that the dissertation entitled ”Web services based
SQL Injection Detection and Prevention” submitted by BO-
DAKE VIJAY JAGANNATH Exam No: [ ] is a
bonafied the work carried out by her is approved for the partial fulfill-
ment of the requirements of University of Pune, for the award of degree
of Master of Engineering in Computer Engineering.
(Prof.R.M.Gawande) Dr. Varsha H. Patil Dr. G.K.Kharate
Internal Guide Head Principal
Department of Computer Engineering
Seal of the College
3. DECLARATION
I hereby declare that this submission is my own work and that, to
the best of my knowledge and belief, it contains no material previously
published or written by another person nor material which has been
accepted for the award of any other degree or diploma of the university
or other institute of higher learning, except where due acknowledgement
has been made in the text.
Place:Nasik Signature
Date: Name : Bodake Vijay Jagannath
. PRN/Reg. No.:
4. ACKNOWLEDGEMENT
Inspiration and guidance are invaluable in every aspect of life, espe-
cially in the field of education, which I have received from our respected
H.O.D. Dr. Mrs. Varsha H. Patil who has guided me in the first
two phases of seminar work and gave earnest co-operation whenever
required. I would like to express my sincere gratitude towards her.
I am pleased to announce that my presentation of the Seminar as well
as the report would not have been completed without the able guidance
and complete support of Prof.Mr. Ranjit Gawande who helped me
at each and every step in every possible way. He always provided me
with access to the latest technology and facilities and encouragement
at every point and took active participation in the achievement of my
objective. Heartfelt my foremost thanks go to seminar guide and help
of my well-wishers and colleagues.
At last, I would like to take this opportunity to convey thanks to
all my staff members, who directly or indirectly encouraged and helped
me to complete my work on time and contributed their valuable time
in helping me to achieve success in the work of seminar
Bodake Vijay J.
[ME computer, Roll no.:- ]
5. ABSTRACT
Web Applications form an integral part of our day to day life. The
number of attacks on websites and the compromise of many individ-
uals secure data are increasing at an alarming rate. Hence, providing
increased amount of security for the users and their data becomes essen-
tial. Most important vulnerability as described in top 10 web security
issues by Open Web Application Security Project is SQL Injection At-
tack (SQLIA). The Proposed system focuses on how the advantages
of randomization can be employed to prevent SQL injection attacks in
web based applications. The two most important advantages of the pro-
posed approach against existing analogous mechanisms that are, first, it
prevents all Forms of SQL injection attacks using active guard and ser-
vice detector; second, use of randomization encryption algorithm pro-
vides enhanced security while detecting and preventing SQL Injection
Attacks in database
Keywords: Randomization, SQL injection,Vulnerability, web appli-
cation security, Runtime Monitoring, service detector, active guard.
6. INDEX
Sr.
no.
Contents Page
no.
1. Introduction 1-29
1.1 Background of SQLIAs 8
1.2 Need of the system 16
1.3 Detailed Problem Definition 17
1.4 Objectives of the system 17
1.5 Project Plan, Dissertation Plan 18
1.6 Paper Publication plan 18
1.7 Organization of Dissertation 19
2. Literature survey 20-
26
2.1 Existing System 20
2.2 Evaluation of existing techniques 23
2.3 Proposed System 25
2.4 Summary 26
3. Software Requirement Specification 26-
29
3.1 Requirement analysis 26
3.2 Functional Requirement 27
3.3 Non Functional Requirement 27
3.4 Algorithmic Strategies 28
3.5 Domain analysis 29
3.6 Summary 29
8. LIST OF FIGURES
Fig
no.
Figure caption Page
no.
1.1 Example Containing Vulnerability 11
1.2 Project Plan 17
3.1 Random Encryption algorithm 29
3.2 Lookup table for Encryption algorithm 30
4.1 Use case Diagram 32
4.2 Class Diagram 33
4.3 Sequence Diagram 35
4.4 architecture Diagram 36
4.5 Data Flow Diagram 39
9. LIST OF TABLES
Tab
no.
Table caption Page
no.
2.1 Comparison Of existing Technique 23
2.2 Objectives Of Various Approaches 24
2.3 COMPARISONS OF VARIOUS SQLIAs DETEC-
TION FOCUSED APPROACHES WITH RESPECT
TO ATTCK TYPES
25
2.4 Comparison of techniques with respect to deployment
requirements
26
2.5 Comparison of prevention-focused techniques with re-
spect to attack types
27
2.6 Evaluation of Code Improvement Techniques with
Respect to Common Development Errors
28
11. Web services based SQL Injection Detection and Prevention 1
Chapter 1
INTRODUCTION
This chapter introduces to the entire background of the proposed
work. It highlights the overall description of entire work. It also high-
lights the concept of SQL injection attacks.
1.1 Background of SQLIAs
An SQL injection attack occurs when an attacker manipulates the
intended effects of SQL query by inserting new SQL keywords or op-
erators into the query. Attacker sends this modified query to a user
input box in a web form of a web application to gain unauthorized ac-
cess. This input is converted in an SQL query in such a way that it
forms an SQL code [2, 3]. This is generalized definition of SQL injec-
tion. 1.1.1 SQL Injection Mechanisms Malicious SQL Statements
can be inserted into injection vulnerable application by different input
mechanisms. This section focuses on most common injection mecha-
nisms.
1. Injection through user inputs : in this type, attacker injects
malicious SQL commands into user input query. A web application
can read user inputs by many ways depending on the environment
in which the application is developed and deployed. In most of the
cases the user input comes from web form that is transmitted to
the web application via HTTP GET or POST requests [14]. Using
this type of injection, attacker can gain unauthorized access of web
application and its underlying database.
2. Injection through server variables: Server variables are col-
lection of variables containing HTTP , environmental variables,
network headers etc. web application use these variables in variety
of ways such as logging usage statistics and identifying browsing
trends. If these variables are use to logged into database without
sanitization, it could cause SQL injection vulnerability [30]. As
attacker can forge the values in HTTP and network headers, they
can expose these vulnerabilities by placing an SQLIA directly into
the headers. When the query log to the server, the unsanitized
variables get issued to the database and the attack in the forged
header then takes place.
Department of Computer Engineering,MCERC,Nashik.
12. Web services based SQL Injection Detection and Prevention 2
3. Injection through cookies: Cookies are stored on the client
machines which are files containing state information gathered by
web applications. These cookies can be used to restore the clients
state information when client returns to the web application. As
client has full control over the cookies, a malicious client can mod-
ify the contents of the cookies to built SQL Queries to submit the
attack to the web application [8].
4. Second Order Injection: In this type attacker sends malicious
inputs to the system or database to directly perform SQLIA when
the input is used at a later time. The objective of this type of
attack significantly differs from regular SQLIAs (first order injec-
tion attacks). Second order injections are not intended to occur
at the time of input reaches to application or database but the
attacker relays on the knowledge of where the and when the input
will be used and plans the attack so that it executes during the
usage of application or database. To clarify we present a classic
example of a second order injection attack [1]. In this example, a
user registers on a website using a seeded username, such as ad-
min. The application will properly escape the single quotes from
input before storing it in database, preventing its potentially ma-
licious effects. At this point the attacker modifies his or her pass-
word, an operation typically involving 1) checking that the user
knows the current password and 2) changing the password if the
check is successful. To perform this web application might form
an SQL command as follows: query String=UPDATE users
SET password = +new Password+ WHERE username=
+ username+ AND password +old Password+
newPassword and oldPassword are the new and old pass-
words given by user respectively, and username is the name of
the user currently logged-in (i.e. admin–). Therefore the query
string that is sent to the database is: UPDATE users SET
password = newPwd WHERE username= admin—AND
password=oldPwd (The query assumes that newPassword
and oldPassword are newPwd and oldPwd). Because —is
the SQL comment operator, everything after this is ignored by the
database. Therefore, the result of this query is that the database
changes the password of the administrator (admin) to an attacker
specified value. These types of injections are usually difficult to
Department of Computer Engineering,MCERC,Nashik.
13. Web services based SQL Injection Detection and Prevention 3
detect and prevent because the point of injection and point where
the attack actually takes place are different. 1.1.2 attack Intent
Attacks can also be characterized based on the goal or intention
of the attacker [2]. Therefore each of the attack type described in
section 4 has one of the following intention or goal.
1. Injectable parameters Identification: Here attacker finds
parameters and user input fields that are vulnerable to SQLIAs
and probe a web application accordingly.
2. Database fingerprinting: The attacker discovers the type and
version of database that a Web application is using. Databases
respond differently to different queries and attacks, and this infor-
mation can be used to fingerprint the database. Knowing the type
and version of the database used by a Web application allows an
attacker to craft database specific Attacks. [2].
3. Extracting data: These types of attacks employ approaches
that extract data values from the database. Depending on the
type of the Web application, this information could be sensitive
and highly desirable to the attacker. Attacks with this intent are
the most common type of SQLIA.
4. Modification of Data: this type involves adding and modifying
data in a database.
5. Performing denial of service: This involves shutdown of database
of web application, and denying services to users. Locking and
dropping database tables type of attack also comes under this cat-
egory.
6. Evading detection: This type refers to certain attack approaches
that are employed to avoid auditing and detection by system pro-
tection mechanisms [2].
7. Authentication Bypassing: This type of attack is intended to
allow attacker to bypass database and web application authenti-
cation mechanisms. And attacker gains all the rights and access
privileges to databases and applications.
Department of Computer Engineering,MCERC,Nashik.
14. Web services based SQL Injection Detection and Prevention 4
8. Executing remote commands: These types of attacks aims
to execute arbitrary commands on the database for ex. stored
procedures or functions available to database users.
9. Performing Privilege Escalations: These types of attacks are
intended to take advantages of errors in code and logical flaws to
escalate privileges of attacker.
Department of Computer Engineering,MCERC,Nashik.