DSpace Repository

A Case Study of SQL Injection Vulnerabilities Assessment of .bd Domain Web Applications

Show simple item record

dc.contributor.author Alam, Delwar
dc.contributor.author Kabir, Md. Alamgir
dc.contributor.author Bhuiyan, Touhid
dc.contributor.author Farah, Tanjila
dc.date.accessioned 2018-09-12T04:30:18Z
dc.date.accessioned 2019-05-27T09:59:30Z
dc.date.available 2018-09-12T04:30:18Z
dc.date.available 2019-05-27T09:59:30Z
dc.date.issued 2016-06-16
dc.identifier.uri http://hdl.handle.net/20.500.11948/3176
dc.description.abstract Web applications or services play an important role in present day to day life. They have impact on the development of both individual and a country. Easy access to services such as online education, banking, reservation, shopping, resources, and information sharing have been proven most efficient for every day life. Various government and private organizations of Bangladesh have started to use web services to support clients. Most of the web applications of Bangladesh is registered with .bd domain and developed using content management system(CMS), various scripting language and SQL or MySQL database.Web applications are popular target for web attackers. However the security issues of the .bd domain web applications are not looked appropriately upon as of yet. One of the most attacked vulnerability of the database driven web applications is SQL injection or SQLi. SQLi through URL and user-input field is extremely high risk in current web based applications. Restricting user access to URL and user input field defies the purpose of web applications. However, the un-restricted user access exposes the vulnerable fields to web attacks. To prevent these exploitation'sit is essential to have knowledge of the vulnerabilities adversaries uses to exploit the web applications. This paper presents an evaluation and analysis of SQLi vulnerabilities present in the existing web applications of .bd domain using black box penetration testing approach. User input based SQLi has been used for evaluation. Full Text Link: http://doi.org/10.1109/CyberSec.2015.23 en_US
dc.language.iso en en_US
dc.publisher IEEE Xplore en_US
dc.subject Databases en_US
dc.subject Syntactics en_US
dc.subject Uniform resource locators en_US
dc.subject Browsers en_US
dc.subject Web servers en_US
dc.title A Case Study of SQL Injection Vulnerabilities Assessment of .bd Domain Web Applications en_US
dc.type Article en_US


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search DSpace


Browse

My Account