International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395-0056
Volume: 07 Issue: 10 | Oct 2020
p-ISSN: 2395-0072
www.irjet.net
Survey on Various Types of Cyber Attacks and its Detection and Prevention Manav Patel Fourth Year B.Tech Integrated, NMIMS’S MPSTME ---------------------------------------------------------------------***---------------------------------------------------------------------2. Types of Cyber Attack Abstract - Security is the biggest challenging approach in today’s internet accessible technologies like, mobile phones, webmail, instant messaging services, and removable storage media. Internet access has given the ability to easily carry and handle the large amounts of data. With the growing technologies, the usage of internet increases along with the threats/data breaches like view or modify the confidential data by an unauthorized entities. Though the technology increases, there is no guarantee for the overall security. Every web application contains vulnerabilities and it is the most crucial area for the intruders to place cyber attacks on it. These attacks are very harmful for the society. They involve creating financial theft, data threats, blackmailing, resource upholding and many more. This paper provides the approaches to identify, detect and taking preventive measures for the eradication of attacks. For this available tools and scanners can also be used in the present world scenario. SQL injection, DNS attacks and DoS attacks are emphasized towards implementation since the risk encountered is more in such attacks.
2.1 SQL INJECTION ATTACK SQL injection attack is an interruption attack, active attack too. It affects the resources and data in computing. Today’s most businesses are worked out on internet. Such attack may use malicious SQL code; insert nested queries, queries with different clauses, linking two or three databases for backend database manipulation to access information that was not intended to be displayed. This information may include any number of items, including private details or other particulars. This attack usually begins at the initial phase of the platform in execution. It stays active on web platforms that employ database services. Likewise users start the experience from logging onto the website and further pages. If considered from login page onwards, the attacker uses logical SQL statements in the username and password fields to get successfully login. The statements like or true 1=1, or true# are used for doing SQL injection. These statements are directly stored on to the database connection which are SQL statements and make these statements vulnerable. This sort of vulnerability occurs in database layers of an application and allows users to login successfully. The attackers thus meet the target and gets access to user credentials.
1. INTRODUCTION Security is the biggest challenging approach in today’s internet accessible technologies like, mobile phones, webmail, instant messaging services, and removable storage media. Internet access has given the ability to easily carry and handle the large amounts of data. With the growing technologies, the usage of internet increases along with the threats/data breaches like view or modify the confidential data by an unauthorized entities. Though the technology increases, there is no guarantee for the overall security.
The so-called SQL injection is to cheat the server to execute malicious SQL commands by inserting SQL commands into the query string of Web form submission or input domain name or page request. For example, many previous video websites leaked VIP membership passwords mostly by submitting query characters via WEB form, which is particularly vulnerable to SQL injection attacks when the application program. SQL injection attacks occur when dynamic SQL statements are constructed using input content to access the database. SQL injection also occurs if the code uses stored procedures, which are passed as strings the website database through the SQL injection attack, and then they can get all the data in the website database. Malicious hackers can tamper with the data in the database through the SQL injection function and even destroy the data in the database. As a web developer, you hate this kind of hacking. It's necessary to understand the principle of SQL injection and learn how to protect your website database by code.
Cyber attacks are increasing from day to day. New variety of cyber attacks are also been heard every day. Rather than their supplementation, their growth is more spreading. The range of their effect starts from a device and spoiling the user credentials with various data thefts. Data loss is the main aim of such attacks that can affect a business, financial organization, enterprise, information portal, web sites etc. Measures must be taken to stop unauthorized users (hackers) from accessing any part of a system. Only then there can be an assurance of a system which guarantees proper authentication and access controls.
© 2020, IRJET
|
Impact Factor value: 7.529
|
ISO 9001:2008 Certified Journal
|
Page 1102