VEL TECH HIGH TECH DR.RR
DR.SR ENGINEERING COLLEGE
BATCH NO : 17
INTERNAL GUIDE: Mr. M. MAHESH, Asst. Prof.
TEAM MEMBERS :
K.DURGADEVI-12208104026
N.ELAKYA-12208104027
M.SASITHRA-12208104083
DYNAMIC PROTECTION
AGAINST HARMFUL CODE
EXECUTION
ABSTRACT
• Attacks are increasing every day. Our paper proposes a specification-based methodology for the prevention of SQL injection attacks.
• The two advantages are: first, it prevents all forms of SQL injection attacks; second, the technique does not allow the user to access the database server directly.
• We use a technique called “web service oriented XPATH authentication technique”.
• This application is very effective in security-priority applications such as banking applications.
EXISTING SYSTEM
• The existing system does not use any input validation, so an attacker with domain knowledge can easily access the database by injecting malicious code.
• It also does not prevent all kinds of attacks.
PROPOSED SYSTEM
• The proposed technique consists of two filtration models to prevent SQLIAs.
i. Active Guard Filtration Model
The Active Guard Filtration Model, in the application layer, builds a susceptibility detector that detects the susceptibility characters (meta characters) in the input and blocks them, preventing malicious attacks from accessing the data in the database.
ii. Service Detector Filtration Model
The Service Detector Filtration Model, in the application layer, validates the user input against the XPATH_Validator, where the sensitive data taken from the database is stored, as the second level of filtration.
• The user input fields are compared with the data held in the XPATH_Validator; if they are identical, the authenticated/legitimate user is allowed to proceed.
• Web Service Layer: the web service builds two types of execution process, the DB_2_Xml generator and the XPATH_Validator.
ARCHITECTURE
MODULES
• Information gathering
• Identification of input parameters
• Prevention of SQL Injection Attack
MODULE DESCRIPTION
1. Information gathering
In this project we define the web structure of net banking. It contains all information about users, user accounts, account summaries and transaction details. All information is maintained in a database, and the web application is protected against SQL injection attacks by a new, highly automated approach.
2. Identification of input parameters
This approach works by identifying “trusted” strings in an application and allowing only these trusted strings to be used to create the semantically relevant parts of a SQL query, such as keywords or operators.
The general mechanism we use to implement this approach is dynamic tainting, which marks and tracks certain data in a program at runtime.
3. Prevention of SQL Injection Attack
If the injection does not produce an error page, the attacker is able to collect information about the structure of the database by applying the technique known as inferential SQL injection. This technique consists of obtaining a true or false reply to the injection: a logic proposition is appended to the URL, and if the query does not produce an error, this shows that the field is part of a table the user has the right to access in the database.
3.1. Tautologies:
Tautology-based attacks are among the simplest and best known types of SQLIAs. The general goal of a tautology-based attack is to inject SQL tokens that cause the query’s conditional statement to always evaluate to true.
In this example attack, an attacker submits “ ’ or 1=1 - -” in the login field. The query for login then becomes:
SELECT * FROM user_info WHERE loginID=’’ or 1=1 - - AND pass1=’’
3.2. Union Queries:
In union-query attacks, attackers inject a statement of the form: UNION SELECT <rest of injected query>. Because the attackers completely control the second (injected) query, they can use that query to retrieve information from a specified table.
The result of this attack is that the database returns a dataset that is the union of the results of the original first query and the results of the injected second query.
Example: An attacker could inject the text “’ UNION SELECT pass1 from user_info where LoginID=’secret - -” into the login field, which produces the following query:
SELECT pass1 FROM user_info WHERE loginID=’’ UNION SELECT pass1 from user_info where LoginID=’secret’ -- AND pass1=’’
3.3. Piggybacked Queries
Similar to union queries, this kind of attack appends
additional queries to the original query string. If the attack is
successful, the database receives and executes a query string that
contains multiple distinct queries. The first query is generally the
original legitimate query, whereas subsequent queries are the
injected malicious queries. This type of attack can be especially
harmful because attackers can use it to inject virtually any type of
SQL command.
3.4. Inference
• Similar to malformed queries, inference-based attacks let attackers discover information about a database schema. This type of SQLIA creates queries that cause an application or database to behave differently based on the results of the query.
• This way, even if an application does not directly provide the results of the query to the attacker, it is possible to observe side effects caused by the query and deduce its results.
• One particular type of attack based on inference is a timing attack, which lets attackers gather information from a database by observing timing delays in the database’s responses.
• To perform a timing attack, attackers structure their injected queries in the form of an if-then statement whose branch condition corresponds to a question about the contents of the database.
• The attacker then uses the WAITFOR keyword along one of the branches, which causes the database to delay its response by a specified time. By measuring the increase or decrease in the database response time, attackers can infer which branch was taken and thus the answer to the injected question.
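As an added example (not the project's own code), the following Python implements the “trusted strings” rule from module 2 with character-level dynamic tainting and checks it against the tautology, union and WAITFOR timing inputs described in sections 3.1 to 3.4; the login template, the keyword set and the function names are assumptions made here for illustration.

```python
import re
# Added example (not the project's code): character-level dynamic tainting for
# the "trusted strings" rule. Template text is trusted, substituted user input
# is tainted, and the query is rejected if any keyword, operator, comment
# marker or string delimiter was formed from tainted characters.
TOKEN_RE = re.compile(r"'(?:[^']|'')*'|--|[A-Za-z_]\w*|[<>=!]+|[();,*]|\S")
KEYWORDS = {"select", "from", "where", "and", "or", "not", "union", "insert",
            "update", "delete", "drop", "exec", "if", "waitfor", "delay"}
PUNCTUATION = {"--", ";", "(", ")", ",", "*"}

def build_query(template, params):
    """Fill {name} placeholders; return the query plus a per-character taint
    list that is True where the character came from user input."""
    query, taint, pos = "", [], 0
    for m in re.finditer(r"\{(\w+)\}", template):
        literal, value = template[pos:m.start()], str(params[m.group(1)])
        query += literal + value
        taint += [False] * len(literal) + [True] * len(value)
        pos = m.end()
    tail = template[pos:]
    return query + tail, taint + [False] * len(tail)

def tainted_structure(query, taint):
    """Return the structural tokens that contain tainted characters; an empty
    list means the user input stayed inside string literals."""
    bad = []
    for m in TOKEN_RE.finditer(query):
        tok, tainted = m.group(0), taint[m.start():m.end()]
        if tok.startswith("'"):
            # Literal contents may be user data, but the delimiters must be the
            # template's own quotes; a tainted delimiter means a break-out.
            if tainted[0] or tainted[-1]:
                bad.append(tok)
        elif tok.lower() in KEYWORDS or tok in PUNCTUATION or tok[0] in "<>=!":
            if any(tainted):
                bad.append(tok)
    return bad

# Login query from the slides, with placeholders for the two input fields.
LOGIN_TEMPLATE = "SELECT * FROM user_info WHERE loginID='{login}' AND pass1='{pw}'"

def check_login(login, pw):
    """Assemble the login query and return (query, offending_tokens)."""
    query, taint = build_query(LOGIN_TEMPLATE, {"login": login, "pw": pw})
    return query, tainted_structure(query, taint)

if __name__ == "__main__":
    for login in ["alice", "' or 1=1 --", "'; IF (1=1) WAITFOR DELAY '0:0:5' --"]:
        query, bad = check_login(login, "")
        print("BLOCK" if bad else "ALLOW", bad, "<-", query)
```

A doubled quote inside the input (the SQL Server escape, as in O''Brien) stays inside the literal and is allowed, while a bare quote that closes the template's literal is reported as a break-out even before any keyword follows it.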
DATA FLOW DIAGRAM
[Diagram nodes: User; Web application; “SQL injection?” decision with Allow and Prevent branches; Get user info from DB and hack; Identify input parameters; Apply prevention technique; Query checker; DB; Secure transaction]
SYSTEM REQUIREMENTS
HARDWARE CONFIGURATION:
Hard disk : 40 GB
RAM : 512 MB
Processor : Pentium IV
Monitor : 17" Color Monitor
SOFTWARE CONFIGURATION:
Front-End : VS .NET 2008
Coding Language : C#
Operating System : Windows XP
Back End : SQL Server 2005
[Screenshot slides: Login page, User Creation, Meta String, External Data, User Trusted Data, Deposit, Third Party Creation, Online Transaction, User Modification, Tautology, Malformed Queries]