INTRUSION PROTECTION AGAINST SQL INJECTION AND CROSS-SITE SCRIPTING
Article Sidebar
Main Article Content
Abstract
In this era where the internet is a part of our daily lives, data security in web applications has become very important. Web application vulnerabilities like SQL injection and cross site scripting have become very prevalent. These attacks pose serious risks to confidential database contents. The attackers scope web applications for vulnerabilities and once detected exploit these vulnerabilities to their benefit. The attackers inject SQL statements into the input fields of web application and get access to the application's database. This allows them easy access to sensitive information and lets them modify the database. Another form of attack i.e. XSS attack involves injecting malicious script into a trusted website that executes on a visiting person's browser without their knowledge and thereby making them vulnerable and enables the attacker to access confidential user data, such as session tokens and cookies that are stored on the browser. Reverse Proxy is a technique that we propose to prevent intrusion attacks through input fields by first sanitizing the inputs of web application before being used by them. Once the input is checked and deemed clean it is sent back to the web application for its intended usage. Thus the proxy reduces the burden of the developer to incorporate security measures in the code and helps them focus on creating an application with advanced specifications and leave the issue of checking the inputs for attacks on the proxy server.