StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...

Injection attacks - Research Paper Example

Cite this document
Summary
Injection attacks refer to the introduction of malicious codes or scripts into a program or web application from an external source (Patel, Mohammed & Soni, 2011). An example includes an input field provided by web application to gather input from an end-user.
Kolhe and…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER91% of users find it useful
Injection attacks
Read Text Preview

Extract of sample "Injection attacks"

Download file to see previous pages

This SQL injection would fool the database to be a regular user query and then easily access the system. The attacker spoofs identity; become the database server’s administrator; and exposes, makes unavailable or destroys existing data. a. SQL manipulation - This involves the modification of the SQL query through the alteration of the WHERE clause (Patel et al., 2011). This modification would cause an amendment of the statement’s WHERE clause so that it constantly returns TRUE. b. Code injection – New SQL statements, instead of valid input, would be introduced into the input fields.

The classic statement or code would then append a SQL Server command, making SQL statement vulnerable. Patel et al. (2011) argues that code injection only works through the support of request of various SQL statements per database or support of keywords like OR and AND by the database. c. Function call injection involves user defined functions or database functions being added into vulnerable SQL queries. Patel et al. (2011) observe that these function calls could be applied in the making of internal calls or modification of data in the database that could be harmful to users.

Certain characters should be the only ones accepted in the input areas. The length of these fields should be limited (Patel et al., 2011). For example, for usernames and passwords, only numbers and alphabets should be accepted and the field limited to 15 characters. This involves the alteration of application flow through overwriting of memory parts (Cowan, Wagle & Pu, 2000). This aims at subverting the operation of a privileged program for the attacker to take control of the program so as to control the host.

In this case, the attacker exploits websites so as to inject data into the given application so as to execute XPath queries (Shanmughaneethi, Ravichandran & Swamynathan, 2011). XPath refers to a query language which describes the way of locating

...Download file to see next pages Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Injection attacks Research Paper Example | Topics and Well Written Essays - 750 words”, n.d.)
Injection attacks Research Paper Example | Topics and Well Written Essays - 750 words. Retrieved from https://studentshare.org/information-technology/1645652-injection-attacks
(Injection Attacks Research Paper Example | Topics and Well Written Essays - 750 Words)
Injection Attacks Research Paper Example | Topics and Well Written Essays - 750 Words. https://studentshare.org/information-technology/1645652-injection-attacks.
“Injection Attacks Research Paper Example | Topics and Well Written Essays - 750 Words”, n.d. https://studentshare.org/information-technology/1645652-injection-attacks.
  • Cited: 0 times

CHECK THESE SAMPLES OF Injection attacks

Systems Programming

The paper ''Systems Programming'' tells that Network security is continuously evolving and becoming a challenging aspect for organizations maintaining highly sensitive and customer data.... New technologies derive benefits as well as new risks that are not limited to logical threats, physical and human threats....
7 Pages (1750 words) Essay

Solve the questions

The problem with input validation is the fact that it can be utilized to conduct cyber attacks.... Cross-site scripting attacks place malicious code, usually JavaScript, in locations where other users see it.... 4) Based on the reading in the book an attacker (most of the time) must learn about the database in order to attack with SQL injection.... SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application....
3 Pages (750 words) Assignment

The Security Risks Associated with Online Access to Databases

he relationship between databases and web applications is based on trust but this can be weakened from SQL injection attacks, thereby permitting further attacks.... Even encryption cannot prevent these types of attacks (Chickowski, 2009-8).... The essay “The Security Risks Associated with Online Access to Databases” focuses on databases, which usually contain sensitive information yet security is often lacking to protect them....
2 Pages (500 words) Essay

What will replace passwords

While the cyberspace is encouraging open markets and open social orders, the openness of this space has exposed the people towards cyber attacks.... Many of the countries have tried to protect their people against the attacks.... However, the technological sector is evolving very fast, an aspect that is making it very hard for the institutions that have been put up to deter the attacks to keep up with the changes.... The internet providers and social media companies have not been able to put up stern measures to avoid the attacks....
11 Pages (2750 words) Research Paper

Penetration Testing and Advanced Hacking Techniques

The paper “Penetration Testing and Advanced Hacking Techniques” provides a description of the most popular Hacking Techniques (Distributed Denial of Service attacks, Session Hijacking, SQL Injection, Hacking a Web Server and etc.... In fact, sometimes these attacks are launched using thousands of compromised computer systems.... Additionally, the system administrator can also filter the traffic if they can identify the source of the attacks....
7 Pages (1750 words) Case Study

The Major Security Threats

In fact, these security threats and attacks are becoming more and more complicated over time.... Even though there are so many ways and techniques (such as security firewalls, IDS, or Antivirus programs) to deal with these security attacks, none of them proved effective in dealing with these challenges.... Keeping these problems in mind, I have decided to choose a research area to guide the users on how they could deal with these security attacks....
8 Pages (2000 words) Term Paper

The Idea of Sandboxing and Its Techniques

This coursework "The Idea of Sandboxing and Its Techniques" focuses on the main function of the sandbox that generates a remote atmosphere in which the applications run to block malware attacks.... The applications that are run by sandbox include IM consumers, Web browsers, Online games, Emails, and other applications that are open for malware attacks....
14 Pages (3500 words) Coursework

Web Application Security

The paper critically discusses the dangers of SQL injection in terms of website attacks that affects most individuals and organizations.... The incorrectly filtered escape characters are some of the methods that render the websites of the organizations vulnerable to attacks.... The SQL injection is one of the techniques used to attack a website and hence rendering it ineffective to the users.... The SQL injection is one of the techniques used to attack a website and hence rendering it ineffective to the users....
6 Pages (1500 words) Term Paper
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us