An Efficient Technique for Detection and Prevention of SQL Injection Attack in cloud
Abstract Databases are central to the modern websites as they provide necessary data as well as stores critical information such as user credentials, financial and payment information, company statistics etc. These websites have been continuously targeted by highly motivated malicious users to acquire monetary gain. Structured Query Language (SQL) injection and Cross Site Scripting Attack (XSS) is perhaps one of the most common application layer attack technique used by attacker to deface the website, manipulate or delete the content through inputting unwanted command strings.SQL injection attack is one of the most serious security vulnerabilities in Web application system, most of these vulnerabilities are caused by lack of input validation and SQL parameters use. Typical SQL injection attack and prevention technologies are introduced in the paper. We propose the technique to prevent SQL injection attack.Objective of this paper is to To re-design the existing available cloud system for running the sqlia detection and prevention.To detect sql injection attacks performing its prevention by implementing Apriori algorithm. Introduction Cloud computing is a new service model which has a great development with the advantages of flexible configuration, on-demand purchase and easy-maintenance. A large number of national infrastructure and related application services are gradually transferred to the cloud computing platform. Although the cloud computing brings many conveniences, it also brings a huge challenge to the security services. SQL injection refers to that the attacker operates the database by inserting a series of SQL statements in the query operation. Kost gives a feature of SQL injection: "Getting an unauthorized access and immediate retrieval from a database". In recent years, there are many literatures to research the detection and defense of SQL injection attack, but most of them have the low efficiency and high rate of false alarm[1]. To understand the concepts of the cloud computing technology a performance based efficient approach will be required for new paradigms to systematize the usually shared information and to deploy & develop the affiliated changes in different user-oriented platform models . Applying the various but suitable methods for providing privacy checks to the escapes is itself a major challenge of the cloud computing. Web servers which provide customer services are usually connected to highly sensitive information contained backend databases. The incrementing bar of deploying such web applications initiated in ranging the corresponding bar of number of attacks that target such applications. It initiates a vulnerable query to destroy the connected server systems and give attackers unauthorized access to underlying databases & rights to delete, modify and retrieve valuable and confidential information stored in databases. Information Collected By : Miss. Vandana