DEMERITS, DETECTION & PREVENTION OF SQL INJECTION ATTACKS OVER THE CLOUD COMPUTING

Web services that continuously deliver services to customers are basically connected to the backend database which contains highly sensitive information. As demand of deploying such applications increases, it also increases the possibility of such attacks that target applications. SQLIA is the most popular security attacks in the web application system. This type of attack is caused due to lacking of SQL parameters used and input validation. Some popular SQL injection attack that can affect the system and its prevention techniques are mentioned in this paper. Today’s internet world, securing data on cloud is very important issue. One of the most important challenges to secure web application is acknowledged by SQL injection attack. Most sensitive SaaS vulnerability which allows attacker to break the integrity and confidentiality of user’s data is called SQL injection attack. It breaches the security policy. Attacker inserts some code in the query which is not written by application developer. SQL injection is also called as web security vulnerability. Mostly it permits attacker to see data that they are not able to see. This paper proposes simulation of six case studies of SQL injection attack. System presents SQL injection attack with protection and without protection. System shows test case with protection means by specifying rules. If rule specification done then ontology logic is used. It uses test case without protection means creation of unknown user name or history of user. Implementation of system also classifies how attack happens, detection of attacks without protection and with protection.