Blocking SQL Injection in Database Stored Procedures

Sarangi, A and Panchamukhi, S (2010) Blocking SQL Injection in Database Stored Procedures. BTech thesis.



This thesis contains a summary of all the work that has been done by us for the B-Tech project in the academic session of 2009-2010. The area chosen for the project was SQL Injection attacks and methods to prevent them, and this thesis goes on to describe four proposed models to block SQL Injection, all of them obtained from published research papers. It then gives the details of the implementation of the model “SQL Injection prevention in database stored procedures” as proposed by K. Muthuprasanna et al, which describes a technique to prevent injections attacks occurring due to dynamic SQL statements in database stored procedures, which are often used in e-commerce applications. The thesis also contains the algorithms used, data flow diagrams for the system, user interface samples and the performance reports. The particulars of some of the modifications made to the proposed model during implementation have also been documented, and there has also been included a section which discusses the possible updations that could be made to the tool, and future work.

Item Type:Thesis (BTech)
Uncontrolled Keywords:SQL injection,Stored procedures,Dynamic SQL
Subjects:Engineering and Technology > Computer and Information Science > Information Security
Divisions: Engineering and Technology > Department of Computer Science
ID Code:1703
Deposited By:Shrinivas Anand Panchamukhi
Deposited On:13 May 2010 15:09
Last Modified:20 Dec 2013 09:55
Related URLs:
Supervisor(s):Babu, K S

Repository Staff Only: item control page