INTRUSION DETECTION SYSTEM AND MODSECURITY FOR HANDLING SQL INJECTION ATTACKS

Ruri Ashari Dalimunthe, Sahren Sahren

Abstract


SQL Injection (SQLI) is the main type of attack that will threaten the integrity, confidentiality, and authenticity or functionality of database-based web applications. This allows an attacker to gain unauthorized access to a back-end database by exploiting vulnerabilities in the system to carry out attacks and access existing resources. Therefore, the best prevention techniques against SQL Injection attacks are needed to protect an individual or organizational data from hacking. In this study, using two security techniques, namely using the Intrusion Detection System as a sensor that will detect if an SQL Injection attack occurs, and using a web-based firewall (ModSecurity) as a security system that will block attacks. The purpose of this research is to build a capable security system that will detect and block any SQL Injection attacks against the database. the proposed system was tested using the Sqlmapproject attack tool. Sqlmapproject is used to attack web applications before and after protection. The results show that the proposed security system is functioning properly and can protect the database system on the web well, high performance, and efficiency.


Full Text:

PDF

References


S. E. Rosenbaum, “Passage of drugs through membranes,” in Basic Pharmacokinetics and Pharmacodynamics: An Integrated Textbook and Computer Simulations, John Wiley & Sons, 2016.

E. L. Febrianti and T. Christi, “Peneraan Forward Chaining Untuk Mendianogsa Penyakit Malaria Dan Pencegahanya Berbasis Web,” Jurteksi, vol. 4, no. 1, pp. 93–100, 2017.

S. E. Rosenbaum, Basic pharmacokinetics, and pharmacodynamics: An integrated textbook and computer simulations. John Wiley & Sons, 2016.

N. Nurwati, “Pendeteksi Tingkat Kebisingan dan Pemberi Peringkat Pada Perpustakaan Berbasis Arduino,” in Seminar Nasional Royal (SENAR), 2018, pp. 295–298.

J. Hutahaean, Konsep Sistem Informasi. Yogyakarta: Deepublish, 2015.

D. Sutrisno, S. N. Gill, and S. Suseno, “The development of spatial decision support system tool for marine spatial planning,” Int. J. Digit. Earth, vol. 11, no. 9, pp. 863–879, 2018.




DOI: https://doi.org/10.33330/icossit.v1i1.711

Article Metrics

Abstract view : 18 times
PDF - 11 times

Refbacks

  • There are currently no refbacks.