Detection and Prevention of SQL-Injection Attacks of Web Application Using Comparing Length of SQL Query
The authors' main aim of the research is to find the method which is able to detect and prevent their web applications from the SQL Injection attacks. In their approach firstly they check the length of the original SQL Query and store its length value. If there is another Query which is used for SQL-Injection attacks, then they too check the length of this SQL Query and store its value. If the length of both the queries is same then the second Query is not the SQL-Injection Query, else the other Query is SQL-injection Query. If there is SQL-Injection attack then they don't allow attacker to access the database by giving the access deny or by giving the error message.