NORMA eResearch @NCI Library

Securing Credentials from SQL Injection Attack Using Encryption and Hashing

Kaleem, Farhaan (2019) Securing Credentials from SQL Injection Attack Using Encryption and Hashing. Masters thesis, Dublin, National College of Ireland.

[img]
Preview
PDF (Master of Science)
Download (891kB) | Preview

Abstract

In our daily life, we use web applications for most of the purposes like banking, food ordering and online shopping. Most of the web applications hold the information like our username and password, using which the card details and other such sensitive information can be acquired. According to OWASP, today most of the web applications are vulnerable to SQL Injection Attack. SQL Injection attack can show the sensitive data like passwords on the screen that can be used by other unauthorised users. These passwords are usually hashed, but from the hash we can identify the algorithm used and hence break it. This paper aims the full stack web application developers, who use SQL database for storing the credentials. This paper proposes a system in which the user credentials are not only hashed, but also encrypted. Also the system filters the input, so that no malicious code can be inserted into the database to prevent SQL Injection Attack. The system uses the Argon2 hashing algorithm that was the winner of Password Hashing competition held in July 2015.

Item Type: Thesis (Masters)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science

Q Science > QA Mathematics > Computer software
T Technology > T Technology (General) > Information Technology > Computer software

Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: CAOIMHE NI MHAICIN
Date Deposited: 15 Oct 2019 10:50
Last Modified: 15 Oct 2019 10:50
URI: http://trap.ncirl.ie/id/eprint/3892

Actions (login required)

View Item View Item