Accessibility navigation


Data-mining and hashing to prevent application-layer DDoS and SQL injection attacks

Ashlam, A. A., Badii, A. and Stahl, F. (2023) Data-mining and hashing to prevent application-layer DDoS and SQL injection attacks. In: 2023 IEEE International Conference on Advanced Systems and Emergent Technologies, 29 Apr 2023 - 01 May 2023, Hammamet, Tunisia, https://doi.org/10.1109/ic_aset58101.2023.10150694.

Full text not archived in this repository.

It is advisable to refer to the publisher's version if you intend to cite from this work. See Guidance on citing.

To link to this item DOI: 10.1109/ic_aset58101.2023.10150694

Abstract/Summary

Applications built specifically for the web are rapidly growing in significance. Internet access is crucial to the smooth operation of many critical services, including medical care, banking, retail, information sharing, and transportation. Since most applications are hosted in the cloud, it makes sense for data owners to be very concerned about data integrity. Malicious actors attempting to access the cloud environment must be stopped using strong security measures. Several types of attackers target the network at the same time, using different methods. The purpose of this project is to protect the database against attacks that originate from the client side. Examples of such attacks include application-layer distributed denial-of-service attacks and SQL injection attacks. Distributed denial-of-service attacks, often known as DDoS attacks, occur at the application layer when an attacker sends a flood of requests to a target service. SQL injection attacks, on the other hand, are a kind of attack that bypasses normal safeguards by launching malicious scripts directly into the database. In order to prevent application-layer DDoS attacks and SQL injection attacks, a new method has been proposed. This strategy involves ensuring that the login data (a legitimate username and password) matches both the usernames and passwords stored in the database on the client side. Additionally, it involves being able to handle this data in the form of hashing, making use of datamining, and employing the Python programming language for the implementation of cryptographic algorithms using the SHA-256 hash function. Both of these types of attacks can be prevented by implementing this strategy. Since only a few changes to the source code of the programming language are needed, this strategy can be quickly added to any web application that has already been built. This is true no matter what programming language or database was used to build the application.

Item Type:Conference or Workshop Item (Paper)
Refereed:Yes
Divisions:Science > School of Mathematical, Physical and Computational Sciences > Department of Computer Science
ID Code:112421
Publisher:IEEE

University Staff: Request a correction | Centaur Editors: Update this record

Page navigation