4 research outputs found

    Prevention of SQL Injection Attack Using Blockchain Key pair based on Stellar

    Currently, SQL injection is the most common attack on web applications, in which malicious code is injected into the database by unauthorized users through user input fields. This can lead to data loss or, in the worst case, to database hijacking, a situation no database administrator or web developer ever wants to experience. Two of the most recent types of these attacks are first-level and second-order attacks. A lot of research has been done in this area, some of which is outstanding and capable of preventing first-level attacks but not second-order attacks. To improve the quality of protection, a new method is proposed in this paper to minimize the level of attack on databases by using a Stellar blockchain keypair. Using string manipulation on user inputs, the client application randomizes the SQL query and sends it to the proxy server; the proxy server in turn de-randomizes it with the help of the private key and sends the de-randomized query to the database server for processing. The overhead time is estimated and analyzed. This method proved to be more than 50% effective compared to previous methods using the same model. It also shows strengths in terms of processing and computational time. Experimental implementation and simulation using the Stellar keypair demonstrate that the model presented is capable of detecting and preventing all forms of SQL injection attacks (SQLIA), including second-order injections.

    Clarity: Analysing security in web applications

    The rapid rise in businesses moving online has resulted in e-commerce web applications becoming increasingly targeted by hackers. This paper proposes Clarity, a dynamic black-box vulnerability scanner capable of detecting Cross-Site Scripting, SQL Injection, HTTP Response Splitting, and Session Management vulnerabilities in web applications. The developed tool uses Mechanize and Selenium to perform the majority of its web scraping requirements. Clarity was tested against 50 e-commerce web applications, uncovering Session Management flaws as the most prevalent vulnerability, with 36 out of the 50 applications being vulnerable.

    Cyber Security and Critical Infrastructures 2nd Volume

    The second volume of the book contains the manuscripts that were accepted for publication in the MDPI Special Topic "Cyber Security and Critical Infrastructure" after a rigorous peer-review process. Authors from academia, government and industry contributed their innovative solutions, consistent with the interdisciplinary nature of cybersecurity. The book contains 16 articles, including an editorial that explains the current challenges, innovative solutions and real-world experiences that include critical infrastructure and 15 original papers that present state-of-the-art innovative solutions to attacks on critical systems.

    A Web Second-Order Vulnerabilities Detection Method

    No full text