International Journal of Advanced Research in Computer Science and Software Engineering (IJARCSSE)
SQL injection is a common technique in which attackers use SQL queries to attack web-based applications. These attacks reshape SQL queries and thus alter the behavior of the program for the benefit of the hacker. SQL injection attacks are one of the gravest threats to web applications. Web applications are becoming an important part of people's daily lives, so attacks against them are also increasing rapidly. Of these attacks, a major role is held by SQL Injection Attacks (SQLIA). In this paper, the authors propose a new method for preventing SQL injection attacks in JSP web applications. The basic idea is to check, before execution, the intended structure of the SQL query.
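One way to check a query's structure before execution, as an added example that is not the paper's method or code: reduce the query built from harmless values and the query built from the actual input to token skeletons and run the query only if they match. The class name, the `loginQuery` builder, the table and column names and the sample inputs are all assumptions made for illustration.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class QueryStructureCheck {
    // Tokens: quoted string | number | word | comment opener | any other symbol.
    private static final Pattern TOKEN = Pattern.compile(
        "'(?:[^']|'')*'|\\d+(?:\\.\\d+)?|\\w+|--|/\\*|\\S");

    // Reduce a query to its structure: literal values become placeholders,
    // keywords and identifiers are upper-cased, operators are kept as-is.
    static List<String> skeleton(String sql) {
        List<String> out = new ArrayList<>();
        Matcher m = TOKEN.matcher(sql);
        while (m.find()) {
            String t = m.group();
            if (t.length() >= 2 && t.startsWith("'")) out.add("<str>");
            else if (Character.isDigit(t.charAt(0))) out.add("<num>");
            else out.add(t.toUpperCase());
        }
        return out;
    }

    // Hypothetical query builder standing in for the application's JSP code.
    static String loginQuery(String user, String pass) {
        return "SELECT id FROM users WHERE name = '" + user
             + "' AND pass = '" + pass + "'";
    }

    // The query may run only if user input left the structure unchanged.
    static boolean sameStructure(String intended, String actual) {
        return skeleton(intended).equals(skeleton(actual));
    }

    public static void main(String[] args) {
        String intended = loginQuery("x", "x"); // built from harmless values
        // Constructed sample inputs: {user, pass}
        String[][] inputs = {
            {"alice", "s3cret"}, {"o'brien", "pw"},
            {"alice' OR '1'='1", "x"}, {"admin'--", "x"}
        };
        for (String[] in : inputs) {
            String q = loginQuery(in[0], in[1]);
            System.out.println((sameStructure(intended, q) ? "EXECUTE " : "REJECT  ") + q);
        }
    }
}
```

A benign value that contains a quote (`o'brien`) is rejected as well, because it also changes the token structure. Binding values through `PreparedStatement` keeps user input out of the query structure altogether.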