Volume 4 Number 3 (May 2015)
Home > Archive > 2015 > Volume 4 Number 3 (May 2015) >
IJCCE 2015 Vol.4(3): 187-195 ISSN: 2010-3743
DOI: 10.17706/IJCCE.2015.4.3.187-195

Multi-hashing for Protecting Web Applications from SQL Injection Attacks

Yogesh Bansal, Jin H. Park
Abstract—SQL injection is a type of frequently reported security attacks on database-driven web applications in which attackers execute unauthorized query operations to access information. In this paper, we describe the design and implementation of an efficient protection scheme against the SQL injection attacks based on a multiple-hashing mechanism. The proposed protection system model consists of three phases, which are registration, login and validation phases, and database is divided into product and query databases. By using multiple hashing operations the proposed scheme achieves higher efficiency than conventional schemes, which do not use sophisticated hashing operations. The scheme is implemented with HTML, PHP and MySQL, and cryptographic hashing function SHA-512 is used in the coding. Our experimental results show that the proposed scheme achieves very high level of security gain with negligible amount of time overheads compared to the conventional methods.

Index Terms—Authentication, hashing, SQL injection attack, web application.

The authors are with the Computer Science, California State University, Fresno, CA 93740, U.S.A.

Cite:Yogesh Bansal, Jin H. Park, "Multi-hashing for Protecting Web Applications from SQL Injection Attacks," International Journal of Computer and Communication Engineering vol. 4, no. 3, pp. 187-195, 2015.

General Information

ISSN: 2010-3743 (Online)
Abbreviated Title: Int. J. Comput. Commun. Eng.
Frequency: Quarterly
Editor-in-Chief: Dr. Maode Ma
Abstracting/ Indexing: EI (INSPEC, IET), Google Scholar, Crossref, EBSCO, ProQuest, and Electronic Journals Library
E-mail: ijcce@iap.org
  • Jun 20, 2019 News!

    IJCCE Vol. 6, No. 3 - Vol. 7, No. 3 have been indexed by EI (Inspec) Inspec, created by the Institution of Engineering and Tech.!   [Click]

  • Dec 09, 2020 News!

    IJCCE Vol.10, No.1 is published with online version!   [Click]

  • Sep 23, 2020 News!

    IJCCE Vol.9, No.4 is published with online version!   [Click]

  • Jun 12, 2020 News!

    IJCCE Vol.9, No.3 is published with online version!   [Click]

  • Apr 22, 2020 News!

    The dois of published papers in Vol. 9, No. 1 - Vol. 9, No. 2 have been validated by Crossref.

  • Read more>>