SlideShare a Scribd company logo

SQl Injection Protector for Authentication in Distributed Applications

IOSR Journals
IOSR Journals

IOSR Journal of Computer Engineering (IOSR-JCE) Vol.10 issue.2

EngineeringTechnology
1 of 4
Download to read offline
IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661, p- ISSN: 2278-8727Volume 10, Issue 2 (Mar. - Apr. 2013), PP 46-49 www.iosrjournals.org www.iosrjournals.org 46 | Page SQl Injection Protector for Authentication in Distributed Applications Mrs.R.Velvizhi, PG Scholar M.E Computer Science IFET Engineering College, Villupuram. Abstract: In today’s information age, information sharing and transfer has increased exponentially. The treat of an intruder accessing secret information has been an ever existing concern for the data communication experts. Cryptography and steganography are the most widely used techniques to overcome this threat .Web application has been developed with very rapid progress. Security vulnerabilities due to amendment of intruders and hackers become predominant in the current trends. The work of this paper proposes a technique using hash value of user name and password,to improve the authentication process. We have built an prototype,SQL injection protector for authentication (SQLIPA).In addition to the proposed hash technique we are trying to conceal the logged in information using chaffing and winnowing technique in a stenographical image. These images will be stored as file stream by an encrypted layer in the backend to hide the tuples used for storage in a distributed environment. Validating the XML content with typed dataset will scrutinize the input data further associated with XSD filtration. Key Words: Security, Cryptography, Stenography, SQL Injection Protector for Authentication, Hash Technique. I. INTRODUCTION The objective of this project is to propose a new system model which will guarantee a system where the user couldn’t hack the data. Our systems provide solution for most of the possible SQL attacks. The scope of this project is to detect the SQL injection attacks at presentation, business and database levels. The SQL attacks can be prevented by anti spoofing technique. The XSD validation also done to avoid the hackers to access the data. This paper proposes a SQL Injection detection method by comparing the static SQL queries with the dynamically generated queries after removing the attribute values. The paper compares our method with other detection methods and confirmed the efficiency of our proposed method. The proposed method simply removes the attribute value in the SQL queries for analysis which makes it independent from the DBMS. The remaining part of this paper is formulated as, chapter II deals with Literature survey, chapter III describes the system proposed with testing, chapter IV concludes with future scope. II. LITERATIRE SURVEY An authentication methodology that combines multimodal biometrics and cryptographic mechanisms for border control applications is discussed in [1]. The method described accommodate faces and fingerprints without a mandatory requirement of (tamper resistant) smart-card-level devices on e-passports for easier deployment. It is even allowable to imprint (publicly readable) bar codes on the passports. Survey about the past decades and advancement in the area of database management systems shifts towards multimedia is discussed in [2]. Multimedia information is very expressive, self explanatory, narrative, etc. The growing of digital medias (digital camera, digital video, digital TV, e-book, cell phones, etc.) gave rise to the revolution of very large multimedia databases, in which the need of efficient storage, organization and retrieval of multimedia contents came into question. Among the multimedia data, this survey paper focuses on the different methods (approaches) and their evaluation techniques used by many of recent research works on image retrieval system. The paper [3] presents a detailed review on various types of SQL injection attacks, vulnerabilities, and prevention techniques. Alongside presenting the findings from the survey, it also denotes the future expectations and possible development of countermeasures against SQL injection attacks. This paper explains an extensive dealing of various types of SQL injection attacks, vulnerabilities, and prevention techniques were discussed in this paper.SQLCounter measures were covered in multi angles. And the drawback of this paper is that it covers all the items related to this topic and it’s not implemented at any case. There is no clear strategy explained to overcome the issue. The paper [4] proposes security architecture to detect and prevent zero day attacks and techniques to deal with the polymorphic and metamorphic behaviour of the attacks. The entity validation component is used for capturing information of the operating system and applications running in the virtual machines, secure logging and detection of attacks that are generated with spoofed source address. The intrusion detection engine
SQl Injection Protector for Authentication in Distributed Applications www.iosrjournals.org 47 | Page component is used for detection of known attacks and suspicious behaviour of the entities by monitoring the incoming and outgoing traffic of virtual machines. The dynamic analyzer is used for detection and validation of hidden processes, detection of zero day attacks and fine granular isolation of malicious process that is generating the attack traffic. After a zero day attack is detected, interactive VM technique is used to determine if the zero day attack exhibits polymorphic or metamorphic behaviour and develop attack signatures to deal with the attacks efficiently. This paper clearly emphasizes the secure logging and detection of attacks that are generated with spoofed source address.The paper [5] proposes a Data hiding in halftone images using conjugate ordered dithering (DHCOD) algorithm which is a modified version of Data hiding in halftone images using conjugate error diffusion technique (DHCED). We use this DHOCD algorithm for proposing a new three phase visual cryptography scheme. DHCOD technique is used to hide an binary visual pattern in two or more ordered dither halftone images, which can be from the same or different multi-tone images. In proposed scheme we shall generate the shares using basic visual cryptography model and then embed them into a cover image using a DHCOD technique, so that the shares will be more secure and meaningful. This paper proposes a flexibility of using different multi tone images that can be used to do the encryption process. Decryption can be done by human without any decryption algorithm. The major demerit is that in the half tone image they didn’t share the exact percentage of the first share and second share. No points specify the impact of using highest share by the individual partners and the encrypted images are still accessible to the user and this project doesn’t give a strongest form of encryptions. III. PROPOSED SYSTEM The Paper proposes a new system model which will guarantee a system where the user couldn’t hack the data. Our system provides solution for most of the possible attacks. The techniques implemented in this system are too simple and strong. The proposed system tries to address some of the huge issues like, Spam bot attack which can be fixed up with Anti spoofing approach. The proposed system can overcome hacking at all the levels of the system based upon the classifications. If the hacker enters into the first level of authentication means hacking can blocked by using XSD validation and Hash key generation methods. The anti spoofing method and the winnowing and chaffing method to give the prevention from the hacking. System Architecture Login Module describes the interface implemented by authentication technology providers. Login Modules are plugged in under applications to provide a particular type of authentication. The user is allowed to create his credentials to login into the system. An admin module to approve the users created and login approval the user will be allowed to log into the system. Tautological way – In this type, the intruders will be injecting the data in the conditional statements. So that, the condition is always be true.Union way The intrusion data/query will be appended with the existing query by union operators. So that, the intrusion of your data will be achieved. , the algorithm to store the Image contents for an user is defined by the admin user. The images will be tagged based on the profile. The XML data transformed will be validated with the defined XSD model. Authentication Module
SQl Injection Protector for Authentication in Distributed Applications www.iosrjournals.org 48 | Page Hash Module Image Authentication Module Union Hacking Module
SQl Injection Protector for Authentication in Distributed Applications www.iosrjournals.org 49 | Page XSD validation module IMPLEMENTATION Module describes the interface implemented by authentication technology providers; here the user is allowed to create his credentials to login into the system. An admin will approve the users created and login approval the user will be allowed to log into the system. Users can able to sign on because this associates content they create with their account and allows various permissions to be set for their roles. Admin user will decide the type of security or hash value algorithm to be incorporated for the system. The hash value is being generated for both username and password of the user. Customizing the algorithm frequently will provide a secure system. Now in the second phase of authentication, we will evaluate the user’s credentials with the steganographical password validation. The algorithm to store the Image contents for an user is defined by the admin user. The images will be tagged based on the profile. We are using the latest SQL Server technique to store the images in BLOB format using File Stream data type. In Union Hacking module, the hacker will append the intrusion data or query with the existing by using union operators. So that the intrusion of your data will be achieved. XML data transformed will be validated with the defined XSD model. XSD format needs to be defined so that the data needs to be validated for their types and its value range. IV. Conclusion In this paper we have reviewed the most popular existing SQL Injections related issues. The proposed approach presents a new series of techniques to secure the authentication process of the database. Multi angle checks in securing the system with step by step process and data validation enable this system a more secure one. Concept of “Anti Spoofing” will avoid spams through automated machines. Data filtration using XSD schema provides an additional filtration at the data level. All the test cases were passed successfully. No defects encountered. FUTURE ENHANCEMENT We can implement the system to protect our database from session oriented hacking. The cookies level injection can be detected and avoid those type of hackings. Reference [1] Piyush Marwaha,Paresh Marwaha,” Visual Cryptographic Steganography In Images” 2010 Second International conference on Computing, Communication and Networking Technologies.Infosys Technologies Limited, [2] Taekyoung Kwon, Member, IEEE, and Hyeonjoon Moon, Member, IEEE,” Biometric Authentication for Border Control Applications”, IEEE transactions on knowledge and data engineering, vol.20,no. 8,august 2008. [3] Yihun Alemu, Jong-bin Koh, Muhammed Ikram,Dong-Kyoo Kim, “Image Retrieval in Multimedia Databases: A Survey”,Department of Computer Engineering, Ajou University South Korea, Suwon. [4] Diallo Abdoulaye Kindy and Al-Sakib Khan Pathan ,” A Survey On SQL Injection: Vulnerabilities, Attacks, and Prevention Techniques”, Department of Computer Science, International Islamic University Malaysia, Malaysia 2011 IEEE 15th International Symposium on Consumer Electronics [5] Vijay Varadharajan, Udaya Tupakula,”Security Techniques for Zero Day Attacks” Information & Networked Systems Security Research Faculty of Science, Macquarie University, Sydney, Australia [6] IndiaDebashish Jena, “A Novel Visual Cryptography Scheme”, IEEE International Conference on Advanced Computer Control, 2009. [7] K. Kemalis, and T. Tzouramanis (2008). SQL-IDS: A Specification- based Approach for SQLinjection Detection. SAC’08. Fortaleza, Ceará, Brazil, ACM: pp. 2153 2158.

Recommended

Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...
Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...
Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...
IJERA Editor
 
Prevention of SQL injection in E- Commerce
Prevention of SQL injection in E- CommercePrevention of SQL injection in E- Commerce
Prevention of SQL injection in E- Commerce
ijceronline
 
Us20140380431 Patent: COMPUTER IMPLEMENTED METHOD TO PREVENT ATTACKS AGAINST...
Us20140380431 Patent: COMPUTER IMPLEMENTED METHOD TO PREVENT ATTACKS AGAINST...Us20140380431 Patent: COMPUTER IMPLEMENTED METHOD TO PREVENT ATTACKS AGAINST...
Us20140380431 Patent: COMPUTER IMPLEMENTED METHOD TO PREVENT ATTACKS AGAINST...
Telefónica
 
Behavioural biometrics and cognitive security authentication comparison study
Behavioural biometrics and cognitive security authentication comparison studyBehavioural biometrics and cognitive security authentication comparison study
Behavioural biometrics and cognitive security authentication comparison study
acijjournal
 
ANDROID BASED WS SECURITY AND MVC BASED UI REPRESENTATION OF DATA
ANDROID BASED WS SECURITY AND MVC BASED UI REPRESENTATION OF DATAANDROID BASED WS SECURITY AND MVC BASED UI REPRESENTATION OF DATA
ANDROID BASED WS SECURITY AND MVC BASED UI REPRESENTATION OF DATA
IJCSEIT Journal
 
Continuous User Identity Verification through Secure Login Session
Continuous User Identity Verification through Secure Login Session Continuous User Identity Verification through Secure Login Session
Continuous User Identity Verification through Secure Login Session
IRJET Journal
 
Searchable symmetric encryption security definitions
Searchable symmetric encryption security definitionsSearchable symmetric encryption security definitions
Searchable symmetric encryption security definitions
Conference Papers
 
Access Policy Management For OSN Using Network Relationships
Access Policy Management For OSN Using Network RelationshipsAccess Policy Management For OSN Using Network Relationships
Access Policy Management For OSN Using Network Relationships
IJMTST Journal
 

Recommended

Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...
Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...
Secure Brokerless System for Publisher/Subscriber Relationship in Distributed...
IJERA Editor
 
Prevention of SQL injection in E- Commerce
Prevention of SQL injection in E- CommercePrevention of SQL injection in E- Commerce
Prevention of SQL injection in E- Commerce
ijceronline
 
Us20140380431 Patent: COMPUTER IMPLEMENTED METHOD TO PREVENT ATTACKS AGAINST...
Us20140380431 Patent: COMPUTER IMPLEMENTED METHOD TO PREVENT ATTACKS AGAINST...Us20140380431 Patent: COMPUTER IMPLEMENTED METHOD TO PREVENT ATTACKS AGAINST...
Us20140380431 Patent: COMPUTER IMPLEMENTED METHOD TO PREVENT ATTACKS AGAINST...
Telefónica
 
Behavioural biometrics and cognitive security authentication comparison study
Behavioural biometrics and cognitive security authentication comparison studyBehavioural biometrics and cognitive security authentication comparison study
Behavioural biometrics and cognitive security authentication comparison study
acijjournal
 
ANDROID BASED WS SECURITY AND MVC BASED UI REPRESENTATION OF DATA
ANDROID BASED WS SECURITY AND MVC BASED UI REPRESENTATION OF DATAANDROID BASED WS SECURITY AND MVC BASED UI REPRESENTATION OF DATA
ANDROID BASED WS SECURITY AND MVC BASED UI REPRESENTATION OF DATA
IJCSEIT Journal
 
Continuous User Identity Verification through Secure Login Session
Continuous User Identity Verification through Secure Login Session Continuous User Identity Verification through Secure Login Session
Continuous User Identity Verification through Secure Login Session
IRJET Journal
 
Searchable symmetric encryption security definitions
Searchable symmetric encryption security definitionsSearchable symmetric encryption security definitions
Searchable symmetric encryption security definitions
Conference Papers
 
Access Policy Management For OSN Using Network Relationships
Access Policy Management For OSN Using Network RelationshipsAccess Policy Management For OSN Using Network Relationships
Access Policy Management For OSN Using Network Relationships
IJMTST Journal
 
Multilevel Security and Authentication System
Multilevel Security and Authentication SystemMultilevel Security and Authentication System
Multilevel Security and Authentication System
paperpublications3
 
I1804015458
I1804015458I1804015458
I1804015458
IOSR Journals
 
International Journal of Engineering Inventions (IJEI)
International Journal of Engineering Inventions (IJEI)International Journal of Engineering Inventions (IJEI)
International Journal of Engineering Inventions (IJEI)
International Journal of Engineering Inventions www.ijeijournal.com
 
Prevention of SQL Injection Attacks having XML Database
Prevention of SQL Injection Attacks having XML DatabasePrevention of SQL Injection Attacks having XML Database
Prevention of SQL Injection Attacks having XML Database
IOSR Journals
 
Adaptive authentication to determine login attempt penalty from multiple inpu...
Adaptive authentication to determine login attempt penalty from multiple inpu...Adaptive authentication to determine login attempt penalty from multiple inpu...
Adaptive authentication to determine login attempt penalty from multiple inpu...
Conference Papers
 
IRJET - A Secure Approach for Intruder Detection using Backtracking
IRJET - A Secure Approach for Intruder Detection using BacktrackingIRJET - A Secure Approach for Intruder Detection using Backtracking
IRJET - A Secure Approach for Intruder Detection using Backtracking
IRJET Journal
 
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
IJCST - ESRG Journals
 
Image-Based Authentication from Confident Technologies
Image-Based Authentication from Confident TechnologiesImage-Based Authentication from Confident Technologies
Image-Based Authentication from Confident Technologies
Confident Technologies
 
The International Journal of Engineering and Science (The IJES)
The International Journal of Engineering and Science (The IJES)The International Journal of Engineering and Science (The IJES)
The International Journal of Engineering and Science (The IJES)
theijes
 
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDAN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
IJNSA Journal
 
Passblot: A Highly Scalable Graphical One Time Password System
Passblot: A Highly Scalable Graphical One Time Password SystemPassblot: A Highly Scalable Graphical One Time Password System
Passblot: A Highly Scalable Graphical One Time Password System
IJNSA Journal
 
Cloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditabilityCloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditability
IGEEKS TECHNOLOGIES
 
A Study on Detection and Prevention of SQL Injection Attack
A Study on Detection and Prevention of SQL Injection AttackA Study on Detection and Prevention of SQL Injection Attack
A Study on Detection and Prevention of SQL Injection Attack
IRJET Journal
 
Single sign on mechanism for distributed computing
Single sign on mechanism for distributed computingSingle sign on mechanism for distributed computing
Single sign on mechanism for distributed computing
eSAT Publishing House
 
Authentication and Authorization for User Roles and Device for Attack Detecti...
Authentication and Authorization for User Roles and Device for Attack Detecti...Authentication and Authorization for User Roles and Device for Attack Detecti...
Authentication and Authorization for User Roles and Device for Attack Detecti...
IRJET Journal
 
Cam cloud assisted privacy preserving mobile health monitoring
Cam cloud assisted privacy preserving mobile health monitoringCam cloud assisted privacy preserving mobile health monitoring
Cam cloud assisted privacy preserving mobile health monitoring
IEEEFINALYEARPROJECTS
 
Survey on cloud computing security techniques
Survey on cloud computing security techniquesSurvey on cloud computing security techniques
Survey on cloud computing security techniques
eSAT Publishing House
 
Query Pattern Access and Fuzzy Clustering Based Intrusion Detection System
Query Pattern Access and Fuzzy Clustering Based Intrusion Detection SystemQuery Pattern Access and Fuzzy Clustering Based Intrusion Detection System
Query Pattern Access and Fuzzy Clustering Based Intrusion Detection System
Simran Seth
 
Effectiveness of various user authentication techniques
Effectiveness of various user authentication techniquesEffectiveness of various user authentication techniques
Effectiveness of various user authentication techniques
IAEME Publication
 
Cloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditabilityCloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditability
Shakas Technologies
 
Aircraft Takeoff Simulation with MATLAB
Aircraft Takeoff Simulation with MATLABAircraft Takeoff Simulation with MATLAB
Aircraft Takeoff Simulation with MATLAB
IOSR Journals
 
Medical Image Processing in Nuclear Medicine and Bone Arthroplasty
Medical Image Processing in Nuclear Medicine and Bone ArthroplastyMedical Image Processing in Nuclear Medicine and Bone Arthroplasty
Medical Image Processing in Nuclear Medicine and Bone Arthroplasty
IOSR Journals
 

More Related Content

What's hot

Multilevel Security and Authentication System
Multilevel Security and Authentication SystemMultilevel Security and Authentication System
Multilevel Security and Authentication System
paperpublications3
 
Adaptive authentication to determine login attempt penalty from multiple inpu...
Adaptive authentication to determine login attempt penalty from multiple inpu...Adaptive authentication to determine login attempt penalty from multiple inpu...
Adaptive authentication to determine login attempt penalty from multiple inpu...
Conference Papers
 
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
IJCST - ESRG Journals
 
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDAN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
IJNSA Journal
 
Passblot: A Highly Scalable Graphical One Time Password System
Passblot: A Highly Scalable Graphical One Time Password SystemPassblot: A Highly Scalable Graphical One Time Password System
Passblot: A Highly Scalable Graphical One Time Password System
IJNSA Journal
 

What's hot (20)

Multilevel Security and Authentication System
Multilevel Security and Authentication SystemMultilevel Security and Authentication System
Multilevel Security and Authentication System
 
I1804015458
I1804015458I1804015458
I1804015458
 
International Journal of Engineering Inventions (IJEI)
International Journal of Engineering Inventions (IJEI)International Journal of Engineering Inventions (IJEI)
International Journal of Engineering Inventions (IJEI)
 
Prevention of SQL Injection Attacks having XML Database
Prevention of SQL Injection Attacks having XML DatabasePrevention of SQL Injection Attacks having XML Database
Prevention of SQL Injection Attacks having XML Database
 
Adaptive authentication to determine login attempt penalty from multiple inpu...
Adaptive authentication to determine login attempt penalty from multiple inpu...Adaptive authentication to determine login attempt penalty from multiple inpu...
Adaptive authentication to determine login attempt penalty from multiple inpu...
 
IRJET - A Secure Approach for Intruder Detection using Backtracking
IRJET - A Secure Approach for Intruder Detection using BacktrackingIRJET - A Secure Approach for Intruder Detection using Backtracking
IRJET - A Secure Approach for Intruder Detection using Backtracking
 
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
[IJCST-V5I6P2]:T. Sudharan Simha, D.Srinivasulu
 
Image-Based Authentication from Confident Technologies
Image-Based Authentication from Confident TechnologiesImage-Based Authentication from Confident Technologies
Image-Based Authentication from Confident Technologies
 
The International Journal of Engineering and Science (The IJES)
The International Journal of Engineering and Science (The IJES)The International Journal of Engineering and Science (The IJES)
The International Journal of Engineering and Science (The IJES)
 
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDAN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
 
Passblot: A Highly Scalable Graphical One Time Password System
Passblot: A Highly Scalable Graphical One Time Password SystemPassblot: A Highly Scalable Graphical One Time Password System
Passblot: A Highly Scalable Graphical One Time Password System
 
Cloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditabilityCloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditability
 
A Study on Detection and Prevention of SQL Injection Attack
A Study on Detection and Prevention of SQL Injection AttackA Study on Detection and Prevention of SQL Injection Attack
A Study on Detection and Prevention of SQL Injection Attack
 
Single sign on mechanism for distributed computing
Single sign on mechanism for distributed computingSingle sign on mechanism for distributed computing
Single sign on mechanism for distributed computing
 
Authentication and Authorization for User Roles and Device for Attack Detecti...
Authentication and Authorization for User Roles and Device for Attack Detecti...Authentication and Authorization for User Roles and Device for Attack Detecti...
Authentication and Authorization for User Roles and Device for Attack Detecti...
 
Cam cloud assisted privacy preserving mobile health monitoring
Cam cloud assisted privacy preserving mobile health monitoringCam cloud assisted privacy preserving mobile health monitoring
Cam cloud assisted privacy preserving mobile health monitoring
 
Survey on cloud computing security techniques
Survey on cloud computing security techniquesSurvey on cloud computing security techniques
Survey on cloud computing security techniques
 
Query Pattern Access and Fuzzy Clustering Based Intrusion Detection System
Query Pattern Access and Fuzzy Clustering Based Intrusion Detection SystemQuery Pattern Access and Fuzzy Clustering Based Intrusion Detection System
Query Pattern Access and Fuzzy Clustering Based Intrusion Detection System
 
Effectiveness of various user authentication techniques
Effectiveness of various user authentication techniquesEffectiveness of various user authentication techniques
Effectiveness of various user authentication techniques
 
Cloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditabilityCloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditability
 

Viewers also liked

Intrauterine Infusion of Lugol's Iodine Improves the Reproductive Traits of P...
Intrauterine Infusion of Lugol's Iodine Improves the Reproductive Traits of P...Intrauterine Infusion of Lugol's Iodine Improves the Reproductive Traits of P...
Intrauterine Infusion of Lugol's Iodine Improves the Reproductive Traits of P...
IOSR Journals
 

Viewers also liked (20)

Aircraft Takeoff Simulation with MATLAB
Aircraft Takeoff Simulation with MATLABAircraft Takeoff Simulation with MATLAB
Aircraft Takeoff Simulation with MATLAB
 
Medical Image Processing in Nuclear Medicine and Bone Arthroplasty
Medical Image Processing in Nuclear Medicine and Bone ArthroplastyMedical Image Processing in Nuclear Medicine and Bone Arthroplasty
Medical Image Processing in Nuclear Medicine and Bone Arthroplasty
 
The Design and Implementation of Intelligent Campus Security Tracking System
The Design and Implementation of Intelligent Campus Security Tracking SystemThe Design and Implementation of Intelligent Campus Security Tracking System
The Design and Implementation of Intelligent Campus Security Tracking System
 
Intrauterine Infusion of Lugol's Iodine Improves the Reproductive Traits of P...
Intrauterine Infusion of Lugol's Iodine Improves the Reproductive Traits of P...Intrauterine Infusion of Lugol's Iodine Improves the Reproductive Traits of P...
Intrauterine Infusion of Lugol's Iodine Improves the Reproductive Traits of P...
 
Speed Control of Dual Induction Motor using Fuzzy Controller
Speed Control of Dual Induction Motor using Fuzzy Controller Speed Control of Dual Induction Motor using Fuzzy Controller
Speed Control of Dual Induction Motor using Fuzzy Controller
 
Performance Analysis of Single Quantum Dots and Couple Quantum Dots at Interm...
Performance Analysis of Single Quantum Dots and Couple Quantum Dots at Interm...Performance Analysis of Single Quantum Dots and Couple Quantum Dots at Interm...
Performance Analysis of Single Quantum Dots and Couple Quantum Dots at Interm...
 
B012660611
B012660611B012660611
B012660611
 
Modified One Cycle Controlled Scheme for Single-Phase Grid Connected Pv-Fc Hy...
Modified One Cycle Controlled Scheme for Single-Phase Grid Connected Pv-Fc Hy...Modified One Cycle Controlled Scheme for Single-Phase Grid Connected Pv-Fc Hy...
Modified One Cycle Controlled Scheme for Single-Phase Grid Connected Pv-Fc Hy...
 
J017166469
J017166469J017166469
J017166469
 
I013126270
I013126270I013126270
I013126270
 
A New Approach to Volunteer Cloud Computing
A New Approach to Volunteer Cloud ComputingA New Approach to Volunteer Cloud Computing
A New Approach to Volunteer Cloud Computing
 
Enhancing Software Quality Using Agile Techniques
Enhancing Software Quality Using Agile TechniquesEnhancing Software Quality Using Agile Techniques
Enhancing Software Quality Using Agile Techniques
 
A Survey on Data Mining
A Survey on Data MiningA Survey on Data Mining
A Survey on Data Mining
 
A0420104
A0420104A0420104
A0420104
 
F012654552
F012654552F012654552
F012654552
 
Bridging the Gap Between Industry and Higher Education Demands on Electronic ...
Bridging the Gap Between Industry and Higher Education Demands on Electronic ...Bridging the Gap Between Industry and Higher Education Demands on Electronic ...
Bridging the Gap Between Industry and Higher Education Demands on Electronic ...
 
Advanced method for reuse of Li-ion batteries and Analysis by new designed el...
Advanced method for reuse of Li-ion batteries and Analysis by new designed el...Advanced method for reuse of Li-ion batteries and Analysis by new designed el...
Advanced method for reuse of Li-ion batteries and Analysis by new designed el...
 
Study of SaaS and its Application in Cloud
Study of SaaS and its Application in CloudStudy of SaaS and its Application in Cloud
Study of SaaS and its Application in Cloud
 
E012662431
E012662431E012662431
E012662431
 
Multilevel Privacy Preserving by Linear and Non Linear Data Distortion
Multilevel Privacy Preserving by Linear and Non Linear Data DistortionMultilevel Privacy Preserving by Linear and Non Linear Data Distortion
Multilevel Privacy Preserving by Linear and Non Linear Data Distortion
 

Similar to SQl Injection Protector for Authentication in Distributed Applications

Engineering Project of Venkata Krishna
Engineering Project of Venkata KrishnaEngineering Project of Venkata Krishna
Engineering Project of Venkata Krishna
banda5630
 
Building a Distributed Secure System on Multi-Agent Platform Depending on the...
Building a Distributed Secure System on Multi-Agent Platform Depending on the...Building a Distributed Secure System on Multi-Agent Platform Depending on the...
Building a Distributed Secure System on Multi-Agent Platform Depending on the...
CSCJournals
 
Keystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management SystemKeystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management System
IJSRD
 
Keystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management SystemKeystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management System
IJSRD
 
Intrusion Detection in Industrial Automation by Joint Admin Authorization
Intrusion Detection in Industrial Automation by Joint Admin AuthorizationIntrusion Detection in Industrial Automation by Joint Admin Authorization
Intrusion Detection in Industrial Automation by Joint Admin Authorization
IJMTST Journal
 
A REPORT ON THE ANALYSIS ON WEB AUTHENTICATION BASED ON SINGLE BLOCK HASH FUN...
A REPORT ON THE ANALYSIS ON WEB AUTHENTICATION BASED ON SINGLE BLOCK HASH FUN...A REPORT ON THE ANALYSIS ON WEB AUTHENTICATION BASED ON SINGLE BLOCK HASH FUN...
A REPORT ON THE ANALYSIS ON WEB AUTHENTICATION BASED ON SINGLE BLOCK HASH FUN...
SIR SUCCESS PRINCE DUAH DUAH
 
Flow of presentationAbstractIntroductionMethodologiesRes.docx
Flow of presentationAbstractIntroductionMethodologiesRes.docxFlow of presentationAbstractIntroductionMethodologiesRes.docx
Flow of presentationAbstractIntroductionMethodologiesRes.docx
keugene1
 

Similar to SQl Injection Protector for Authentication in Distributed Applications (20)

Ld3420072014
Ld3420072014Ld3420072014
Ld3420072014
 
Engineering Project of Venkata Krishna
Engineering Project of Venkata KrishnaEngineering Project of Venkata Krishna
Engineering Project of Venkata Krishna
 
Enhanced Security Through Token
Enhanced Security Through TokenEnhanced Security Through Token
Enhanced Security Through Token
 
Building a Distributed Secure System on Multi-Agent Platform Depending on the...
Building a Distributed Secure System on Multi-Agent Platform Depending on the...Building a Distributed Secure System on Multi-Agent Platform Depending on the...
Building a Distributed Secure System on Multi-Agent Platform Depending on the...
 
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
 
A Survey on “Pass sequence acting as OTP using Login Indicator preventing Sho...
A Survey on “Pass sequence acting as OTP using Login Indicator preventing Sho...A Survey on “Pass sequence acting as OTP using Login Indicator preventing Sho...
A Survey on “Pass sequence acting as OTP using Login Indicator preventing Sho...
 
Methodology for Deriving and Integrating Countermeasures Design Models for El...
Methodology for Deriving and Integrating Countermeasures Design Models for El...Methodology for Deriving and Integrating Countermeasures Design Models for El...
Methodology for Deriving and Integrating Countermeasures Design Models for El...
 
AWS Cloud Based Encryption Decryption System
AWS Cloud Based Encryption Decryption SystemAWS Cloud Based Encryption Decryption System
AWS Cloud Based Encryption Decryption System
 
IEEE Projects 2012-2013 Network Security
IEEE Projects 2012-2013 Network SecurityIEEE Projects 2012-2013 Network Security
IEEE Projects 2012-2013 Network Security
 
Keystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management SystemKeystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management System
 
Keystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management SystemKeystroke Dynamics Authentication with Project Management System
Keystroke Dynamics Authentication with Project Management System
 
J0704055058
J0704055058J0704055058
J0704055058
 
IRJET - A Novel Approach Implementing Deduplication using Message Locked Encr...
IRJET - A Novel Approach Implementing Deduplication using Message Locked Encr...IRJET - A Novel Approach Implementing Deduplication using Message Locked Encr...
IRJET - A Novel Approach Implementing Deduplication using Message Locked Encr...
 
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
 
MACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PREMISES
MACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PREMISESMACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PREMISES
MACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PREMISES
 
Intrusion Detection in Industrial Automation by Joint Admin Authorization
Intrusion Detection in Industrial Automation by Joint Admin AuthorizationIntrusion Detection in Industrial Automation by Joint Admin Authorization
Intrusion Detection in Industrial Automation by Joint Admin Authorization
 
Ijsrdv8 i10355
Ijsrdv8 i10355Ijsrdv8 i10355
Ijsrdv8 i10355
 
Dynamic Key Based User Authentication (DKBUA) Framework for MobiCloud Environ...
Dynamic Key Based User Authentication (DKBUA) Framework for MobiCloud Environ...Dynamic Key Based User Authentication (DKBUA) Framework for MobiCloud Environ...
Dynamic Key Based User Authentication (DKBUA) Framework for MobiCloud Environ...
 
A REPORT ON THE ANALYSIS ON WEB AUTHENTICATION BASED ON SINGLE BLOCK HASH FUN...
A REPORT ON THE ANALYSIS ON WEB AUTHENTICATION BASED ON SINGLE BLOCK HASH FUN...A REPORT ON THE ANALYSIS ON WEB AUTHENTICATION BASED ON SINGLE BLOCK HASH FUN...
A REPORT ON THE ANALYSIS ON WEB AUTHENTICATION BASED ON SINGLE BLOCK HASH FUN...
 
Flow of presentationAbstractIntroductionMethodologiesRes.docx
Flow of presentationAbstractIntroductionMethodologiesRes.docxFlow of presentationAbstractIntroductionMethodologiesRes.docx
Flow of presentationAbstractIntroductionMethodologiesRes.docx
 

More from IOSR Journals

More from IOSR Journals (20)

A011140104
A011140104A011140104
A011140104
 
M0111397100
M0111397100M0111397100
M0111397100
 
L011138596
L011138596L011138596
L011138596
 
K011138084
K011138084K011138084
K011138084
 
J011137479
J011137479J011137479
J011137479
 
I011136673
I011136673I011136673
I011136673
 
G011134454
G011134454G011134454
G011134454
 
H011135565
H011135565H011135565
H011135565
 
F011134043
F011134043F011134043
F011134043
 
E011133639
E011133639E011133639
E011133639
 
D011132635
D011132635D011132635
D011132635
 
C011131925
C011131925C011131925
C011131925
 
B011130918
B011130918B011130918
B011130918
 
A011130108
A011130108A011130108
A011130108
 
I011125160
I011125160I011125160
I011125160
 
H011124050
H011124050H011124050
H011124050
 
G011123539
G011123539G011123539
G011123539
 
F011123134
F011123134F011123134
F011123134
 
E011122530
E011122530E011122530
E011122530
 
D011121524
D011121524D011121524
D011121524
 

Recently uploaded

Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
roncy bisnoi
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
dollysharma2066
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Call Girls in Nagpur High Profile
 
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Arindam Chakraborty, Ph.D., P.E. (CA, TX)
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
Asst.prof M.Gokilavani
 
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoorTop Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
dharasingh5698
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
ssuser89054b
 
notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.ppt
MsecMca
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Call Girls in Nagpur High Profile
 

Recently uploaded (20)

Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
 
Design For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startDesign For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the start
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
 
KubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlyKubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghly
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . ppt
 
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
Online banking management system project.pdf
Online banking management system project.pdfOnline banking management system project.pdf
Online banking management system project.pdf
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
 
Unit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfUnit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdf
 
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
 
Thermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptThermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.ppt
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
 
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoorTop Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
 
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPT
 
notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.ppt
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 

SQl Injection Protector for Authentication in Distributed Applications

  • 1. IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661, p- ISSN: 2278-8727Volume 10, Issue 2 (Mar. - Apr. 2013), PP 46-49 www.iosrjournals.org www.iosrjournals.org 46 | Page SQl Injection Protector for Authentication in Distributed Applications Mrs.R.Velvizhi, PG Scholar M.E Computer Science IFET Engineering College, Villupuram. Abstract: In today’s information age, information sharing and transfer has increased exponentially. The treat of an intruder accessing secret information has been an ever existing concern for the data communication experts. Cryptography and steganography are the most widely used techniques to overcome this threat .Web application has been developed with very rapid progress. Security vulnerabilities due to amendment of intruders and hackers become predominant in the current trends. The work of this paper proposes a technique using hash value of user name and password,to improve the authentication process. We have built an prototype,SQL injection protector for authentication (SQLIPA).In addition to the proposed hash technique we are trying to conceal the logged in information using chaffing and winnowing technique in a stenographical image. These images will be stored as file stream by an encrypted layer in the backend to hide the tuples used for storage in a distributed environment. Validating the XML content with typed dataset will scrutinize the input data further associated with XSD filtration. Key Words: Security, Cryptography, Stenography, SQL Injection Protector for Authentication, Hash Technique. I. INTRODUCTION The objective of this project is to propose a new system model which will guarantee a system where the user couldn’t hack the data. Our systems provide solution for most of the possible SQL attacks. The scope of this project is to detect the SQL injection attacks at presentation, business and database levels. The SQL attacks can be prevented by anti spoofing technique. The XSD validation also done to avoid the hackers to access the data. This paper proposes a SQL Injection detection method by comparing the static SQL queries with the dynamically generated queries after removing the attribute values. The paper compares our method with other detection methods and confirmed the efficiency of our proposed method. The proposed method simply removes the attribute value in the SQL queries for analysis which makes it independent from the DBMS. The remaining part of this paper is formulated as, chapter II deals with Literature survey, chapter III describes the system proposed with testing, chapter IV concludes with future scope. II. LITERATIRE SURVEY An authentication methodology that combines multimodal biometrics and cryptographic mechanisms for border control applications is discussed in [1]. The method described accommodate faces and fingerprints without a mandatory requirement of (tamper resistant) smart-card-level devices on e-passports for easier deployment. It is even allowable to imprint (publicly readable) bar codes on the passports. Survey about the past decades and advancement in the area of database management systems shifts towards multimedia is discussed in [2]. Multimedia information is very expressive, self explanatory, narrative, etc. The growing of digital medias (digital camera, digital video, digital TV, e-book, cell phones, etc.) gave rise to the revolution of very large multimedia databases, in which the need of efficient storage, organization and retrieval of multimedia contents came into question. Among the multimedia data, this survey paper focuses on the different methods (approaches) and their evaluation techniques used by many of recent research works on image retrieval system. The paper [3] presents a detailed review on various types of SQL injection attacks, vulnerabilities, and prevention techniques. Alongside presenting the findings from the survey, it also denotes the future expectations and possible development of countermeasures against SQL injection attacks. This paper explains an extensive dealing of various types of SQL injection attacks, vulnerabilities, and prevention techniques were discussed in this paper.SQLCounter measures were covered in multi angles. And the drawback of this paper is that it covers all the items related to this topic and it’s not implemented at any case. There is no clear strategy explained to overcome the issue. The paper [4] proposes security architecture to detect and prevent zero day attacks and techniques to deal with the polymorphic and metamorphic behaviour of the attacks. The entity validation component is used for capturing information of the operating system and applications running in the virtual machines, secure logging and detection of attacks that are generated with spoofed source address. The intrusion detection engine
  • 2. SQl Injection Protector for Authentication in Distributed Applications www.iosrjournals.org 47 | Page component is used for detection of known attacks and suspicious behaviour of the entities by monitoring the incoming and outgoing traffic of virtual machines. The dynamic analyzer is used for detection and validation of hidden processes, detection of zero day attacks and fine granular isolation of malicious process that is generating the attack traffic. After a zero day attack is detected, interactive VM technique is used to determine if the zero day attack exhibits polymorphic or metamorphic behaviour and develop attack signatures to deal with the attacks efficiently. This paper clearly emphasizes the secure logging and detection of attacks that are generated with spoofed source address.The paper [5] proposes a Data hiding in halftone images using conjugate ordered dithering (DHCOD) algorithm which is a modified version of Data hiding in halftone images using conjugate error diffusion technique (DHCED). We use this DHOCD algorithm for proposing a new three phase visual cryptography scheme. DHCOD technique is used to hide an binary visual pattern in two or more ordered dither halftone images, which can be from the same or different multi-tone images. In proposed scheme we shall generate the shares using basic visual cryptography model and then embed them into a cover image using a DHCOD technique, so that the shares will be more secure and meaningful. This paper proposes a flexibility of using different multi tone images that can be used to do the encryption process. Decryption can be done by human without any decryption algorithm. The major demerit is that in the half tone image they didn’t share the exact percentage of the first share and second share. No points specify the impact of using highest share by the individual partners and the encrypted images are still accessible to the user and this project doesn’t give a strongest form of encryptions. III. PROPOSED SYSTEM The Paper proposes a new system model which will guarantee a system where the user couldn’t hack the data. Our system provides solution for most of the possible attacks. The techniques implemented in this system are too simple and strong. The proposed system tries to address some of the huge issues like, Spam bot attack which can be fixed up with Anti spoofing approach. The proposed system can overcome hacking at all the levels of the system based upon the classifications. If the hacker enters into the first level of authentication means hacking can blocked by using XSD validation and Hash key generation methods. The anti spoofing method and the winnowing and chaffing method to give the prevention from the hacking. System Architecture Login Module describes the interface implemented by authentication technology providers. Login Modules are plugged in under applications to provide a particular type of authentication. The user is allowed to create his credentials to login into the system. An admin module to approve the users created and login approval the user will be allowed to log into the system. Tautological way – In this type, the intruders will be injecting the data in the conditional statements. So that, the condition is always be true.Union way The intrusion data/query will be appended with the existing query by union operators. So that, the intrusion of your data will be achieved. , the algorithm to store the Image contents for an user is defined by the admin user. The images will be tagged based on the profile. The XML data transformed will be validated with the defined XSD model. Authentication Module
  • 3. SQl Injection Protector for Authentication in Distributed Applications www.iosrjournals.org 48 | Page Hash Module Image Authentication Module Union Hacking Module
  • 4. SQl Injection Protector for Authentication in Distributed Applications www.iosrjournals.org 49 | Page XSD validation module IMPLEMENTATION Module describes the interface implemented by authentication technology providers; here the user is allowed to create his credentials to login into the system. An admin will approve the users created and login approval the user will be allowed to log into the system. Users can able to sign on because this associates content they create with their account and allows various permissions to be set for their roles. Admin user will decide the type of security or hash value algorithm to be incorporated for the system. The hash value is being generated for both username and password of the user. Customizing the algorithm frequently will provide a secure system. Now in the second phase of authentication, we will evaluate the user’s credentials with the steganographical password validation. The algorithm to store the Image contents for an user is defined by the admin user. The images will be tagged based on the profile. We are using the latest SQL Server technique to store the images in BLOB format using File Stream data type. In Union Hacking module, the hacker will append the intrusion data or query with the existing by using union operators. So that the intrusion of your data will be achieved. XML data transformed will be validated with the defined XSD model. XSD format needs to be defined so that the data needs to be validated for their types and its value range. IV. Conclusion In this paper we have reviewed the most popular existing SQL Injections related issues. The proposed approach presents a new series of techniques to secure the authentication process of the database. Multi angle checks in securing the system with step by step process and data validation enable this system a more secure one. Concept of “Anti Spoofing” will avoid spams through automated machines. Data filtration using XSD schema provides an additional filtration at the data level. All the test cases were passed successfully. No defects encountered. FUTURE ENHANCEMENT We can implement the system to protect our database from session oriented hacking. The cookies level injection can be detected and avoid those type of hackings. Reference [1] Piyush Marwaha,Paresh Marwaha,” Visual Cryptographic Steganography In Images” 2010 Second International conference on Computing, Communication and Networking Technologies.Infosys Technologies Limited, [2] Taekyoung Kwon, Member, IEEE, and Hyeonjoon Moon, Member, IEEE,” Biometric Authentication for Border Control Applications”, IEEE transactions on knowledge and data engineering, vol.20,no. 8,august 2008. [3] Yihun Alemu, Jong-bin Koh, Muhammed Ikram,Dong-Kyoo Kim, “Image Retrieval in Multimedia Databases: A Survey”,Department of Computer Engineering, Ajou University South Korea, Suwon. [4] Diallo Abdoulaye Kindy and Al-Sakib Khan Pathan ,” A Survey On SQL Injection: Vulnerabilities, Attacks, and Prevention Techniques”, Department of Computer Science, International Islamic University Malaysia, Malaysia 2011 IEEE 15th International Symposium on Consumer Electronics [5] Vijay Varadharajan, Udaya Tupakula,”Security Techniques for Zero Day Attacks” Information & Networked Systems Security Research Faculty of Science, Macquarie University, Sydney, Australia [6] IndiaDebashish Jena, “A Novel Visual Cryptography Scheme”, IEEE International Conference on Advanced Computer Control, 2009. [7] K. Kemalis, and T. Tzouramanis (2008). SQL-IDS: A Specification- based Approach for SQLinjection Detection. SAC’08. Fortaleza, Ceará, Brazil, ACM: pp. 2153 2158.