Mitigation from SQL Injection Attacks on Web Server using Open Web Application Security Project Framework

Q: How can I download an article?

To download an article from SID, first log in to the site, search for the article title, and click on the 'Download Article' option.

Q: How can I download an ISI article?

To download an ISI article on SID, enter the keyword or article title in the search bar, view the relevant results, click on the desired article, and select the 'Download Article' option.

Q: How can I access the SID database?

To access the SID database, visit SID.ir, create an account, and log in to access scientific resources.

Q: Is downloading articles from SID free?

Some articles on SID are available for free, while others require payment. Details are specified on the article's page.

Fadlil A.; Riadi I.; Mumin M.A.

مرکز اطلاعات علمی Scientific Information Database (SID) - Trusted Source for Research and Academic Resources

Journal Paper

Paper Information

Journal: International Journal of Engineering Year:2024 | Volume:37 | Issue:4 Page(s): 635-645

Download Full-Text

View:

Download:

Cites:

Information Journal Paper

Title

Mitigation from SQL Injection Attacks on Web Server using Open Web Application Security Project Framework

Author(s)

Fadlil A. | Riadi I. | Mumin M.A. | Issue Writer Certificate

Keywords

Mitigation

Open Web Application Security Project

Database

data security

Web Server

Abstract

SQL injection (SQLi) is one of the most common attacks against Database servers and has the potential to threaten server services by utilizing SQL commands to change, delete, or falsify data. In this study, researchers tested SQLi attacks against websites using a number of tools, including Whois, SSL Scan, Nmap, Open Web Application Security Project (OWASP) Zap, and SQL Map. Then, researchers identified SQLi vulnerabilities on the tested Web Server. Next, researchers developed and implemented Mitigation measures to protect the website from SQLi attacks. Test results using OWASP Zap identified 14 vulnerabilities, with five of them at a medium level of 35%, seven at a low level of 50%, and two at an informational level of 14%. Meanwhile, testing using SQL Map succeeded in gaining access to the Database and username on the Web Server. The next step in this research is to provide recommendations for installing a firewall on the website as a Mitigation measure to reduce the risk of SQLi attacks. The main contribution of this research is the development of a structured methodology to identify and address SQLi vulnerabilities in Web Servers, which play an important role in maintaining data security and integrity in a rapidly evolving online environment.

Multimedia

No record.

Cites

No record.

References

No record.

Cite

Related Journal Papers

No record.

Related Seminar Papers

No record.

Related Plans