Date of Award
Culminating Project Type
Information Assurance: M.S.
Information Assurance and Information Systems
Herberger School of Business
Jim Q. Chen
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.
Keywords and Subject Headings
early alert, IP address, user level by device fingerprinting, three-way handshake, hackers, analyzing IP address
Computer security is a moving target that moves or increases with the growth of technology. Organizations during the 21st century have to create and/or adopt new technologies in order to stay in business and be competitive. These new technologies involve thousands of lines of code using programming languages, crossing servers, and database engines. Along with the growth of technology, organizations’ IT professionals are trying to prevent any data breach to valuable data from hackers by locking all vulnerable doors that hackers might use to access a system. While IT professionals are trying to lock all vulnerable doors, hackers need only one door to hack a given system using one of the hacking methods available. One of the most used hacking methods and most security concerning is SQL Injection that hackers use to bypass a system by gaining unauthorized access to retrieve or modify valuable data such as Social Security Numbers, bank information, health records, etc. SQL Injection can be achieved through injecting SQL commands into a SQL statement via a web page. There is a number of SQL Injection methods used to gain unauthorized access into a given system; however, SQL Injection through Sign-in/Log-in process is the most used technique with 63% of all SQL injection types used . Therefore, this research focuses on SQL Injection through Sign-in/Log-in process and presents a new way of alerting the system admin of any SQL Injection attempts and blocks, as well as any further access attempts by the same user (abuser).
Alward, Redwan A., "Early SQL Injection Detection" (2016). Culminating Projects in Information Assurance. 14.