SQL Injection Attacks and possible Remedies

The book describes about the threats on the database.we provide descriptions and examples of how attacks of different type could be performed. we also present a methodology to prevent SQL injection attacks. It concentrate on the SQL queries and SQL Stored procedure where Input parameters are injected by the attacker.SQL injection refers to a class of code-injection attacks in which data provided by the user is included in an SQL query in such a way that part of the user s input is treated as SQL code.Even if the injected code is intercepted before execution, administrators are often presented with information that does not identify clearly the association between the commands that were attempted, the assets that were at risk, the threats that were imposed, and the countermeasures he/she has at disposal. To address these issues, a repository of SQL injection attacks that are classified in a semantic-aware, easy to comprehend model is needed.

Autorentext

Jayeeta Majumder,M.Tech in (CSE),presently working as an assistant Professor in CSE Department of Haldia Institute of Technology with teaching experience four years. Her field of interest is network security & cryptography .she published more then five research papers in the field of information security in referred naational/International journal