Efficient Solution for SQL Injection Attack Detection and Prevention

SQL injection is the most common attack for web applications and widely used exploit by hackers all over the world. A malicious hacker can do a lot of harm if he wishes to. SQL injection is a security vulnerability that occurs in the database layers of an application. SQL injection is a technique to pass SQL code into interactive web applications that employ in database services. The employment of SQL Injection Attacks, can lead to the leak of confidential information such as credit card numbers, commercial information & table structure. The attackers can get the entire schema of the original database and also corrupt it. In this paper, we have proposed the Detection Model of SQL Injection Vulnerabilities and SQL Injection Mitigation Framework. These approaches are based on SQL Injection grammar to identify the SQL Injection vulnerabilities during software development and SQL Injection Attack on web-based applications. Keywords— SQL Injection; Security Assessment; vulnerabilities; Pattern Matching, SQL Query.