Profiling Database Application to Detect SQL Injection Attacks.

Question: Depict about the Profiling Database Application to Detect SQL Injection Attacks? Answer: Arrangement Transport Booking System The Online Bus Ticket Reservation System is an application which is electronic licenses visitors to check attainable quality of transport tickets, buy transport ticket and compensation the on the web. The plan is accurate in usage and venture. The plan needs careful little plan assets and the plan will exertion in about out and out setups. It has procured ensuing geographies: It will protect measurements accuracy. Records will be expertly safeguarded by DBMS. Attainable quality of seats could be questioned easily. Explorers can likewise pull back their tickets easily. Least time attractive for the various taking care of. It will convey improved office. Client Activities The best activities endorsed out by manager are exemplified cry The client can make account The client can alter account The client can reset secret phrase The travelers can be altered The ticket booking Cancellation of record Database Making 3 tables: Transport Client Record For each table we will have following things: Transport: Appearance Destination Flight goal Appearance time Flight time FareUser: Client Client name Client id Secret word Address Record: traveler subtleties last ticket booked Sql inquiry: For transport: make table BUS ( arrivalDest varchar2(20) , departureDest varchar2(20) , arrival_time date , dep_time date , charge decimal(5,2) , Total_seats number (2) ); For client: make table user_bus { u_Name varchar2(20), u_ID varchar2(10), secret word varchar2(20), address varchar2(50) ); For account: make table Account ( u_ID varchar2(10), pass_details varchar2(30), contactNo number(10), last_ticket varchar2(30) ); Enlistment before use sql question: Addition into table user_bus values ( ronit roy , r007 , hash007 , 110/07 bread cook road , London, U.K. ) ; Including Passenger data : Supplement into table record esteems ( Steve Jobs , 1234567890 ) ; Including agenda: Supplement into table BUS esteems ( London , Scotland , '12-jul-15 02.10.10 PM ' , '12-jul-15 02.10.10 PM ' , 100.20 , 15 ) ; Alter traveler data : Update account set pass_details = Amanda Rose where contactNo = 1234567890 ; Erase traveler data : Erase from account where contactNo = 1234567890 ; Alter account data : Update account set contactNo = 1234567890 where pass_details = Amanda Rose ; Fuctions : Make client : Addition into table user_bus values ( Roney cole , RC101 , pass123 , 1 12 park road , los angeles ); Alter client data : Update user_bus set u_name = Amanda Rose where u_ID = RR101 ; Reset secret phrase : Update user_bus set secret phrase = RoseMaryMarlow9 where u_ID = RR101 ; Include another traveler : Supplement into table record esteems ( Steffi johns , 1234567891 ) ; Alter traveler : Update account set pass_details = Amanda Rose where contactNo = 1234567890 ; Erase traveler : Erase from account where contactNo = 1234567890 ; Book ticket : Addition into table BUS esteems ( London , Scotland , '12-jul-15 02.10.10 PM ' , '12-jul-15 02.10.10 PM ' , 100.20 , 15 ) ; Change ticket : Update transport set arrivalDest = paris , departureDest = zurich where seat 0 ; Drop ticket : Update transport set arrivalDest = paris , departureDest = zurich where seat = seat +1 ; Program (Java) Java code is given and joined in the record project.java. References: Bertino, E., Kamra, A. furthermore, Early, J. (2007). Profiling Database Application to Detect SQL Injection Attacks.2007 IEEE International Performance, Computing, and Communications Conference. Li, Y. furthermore, Manoharan, S. (2013). An exhibition examination of SQL and NoSQL databases.2013 IEEE Pacific Rim Conference on Communications, Computers and Signal Processing (PACRIM). 3. Ilpubs.stanford.edu, (2015).Lore: A Database Management System for Semistructured Data - Stanford InfoLab Publication Server. [online] Available at: https://ilpubs.stanford.edu:8090/261/[Accessed 2 Sep. 2015]. 4. Selinger, P., Astrahan, M., Chamberlin, D., Lorie, R. what's more, Price, T. (1979). Access way determination in a social database the executives system.Proceedings of the 1979 ACM SIGMOD worldwide meeting on Management of information - SIGMOD '79. 5. Astrahan, M., Mehl, J., Putzolu, G., Traiger, I., Wade, B., Watson, V., Blasgen, M., Chamberlin, D., Eswaran, K., Gray, J., Griffiths, P., King, W., Lorie, R. what's more, McJones, P. (1976). Framework R: social way to deal with database management.ACM Transactions on Database Systems, 1(2), pp.97-137. 6. Zhang, C., Naughton, J., DeWitt, D., Luo, Q. what's more, Lohman, G. (2001). On supporting control questions in social database the executives systems.Proceedings of the 2001 ACM SIGMOD worldwide meeting on Management of information - SIGMOD '01. 7. Stonebraker, M. (1981). Working framework support for database management.Communications of the ACM, 24(7), pp.412-418. 8. McFadden, F., Prescott, M. also, Hoffer, J. (1998). Present day Database Management.Addison-Wesley Longman Publishing Co., Inc., [online] p. Accessible at: https://dl.acm.org/citation.cfm?id=551959 [Accessed 2 Sep. 2015]. 9. Harmsen, D., Claus, H., Witte, W., Rothganger, J., Claus, H., Turnwald, D. also, Vogel, U. (2003). Composing of Methicillin-Resistant Staphylococcus aureus in a University Hospital Setting by Using Novel Software for spa Repeat Determination and Database Management.Journal of Clinical Microbiology, 41(12), pp.5442-5448. 10. Dspace.utamu.ac.ug, (2015). [online] Available at: https://dspace.utamu.ac.ug:8080/xmlui/bitstream/handle/123456789/85/%5BRamakrishnan_R.,_Gehrke_J.%5D_Database_Management_S(BookFi.org).pdf?sequence=1isAllowed=y [Accessed 2 Sep. 2015]. 11. Li, Y. what's more, Manoharan, S. (2013). An exhibition examination of SQL and NoSQL databases.2013 IEEE Pacific Rim Conference on Communications, Computers and Signal Processing (PACRIM). 12. Mohan, C., Lindsay, B. what's more, Obermarck, R. (1986). Exchange the executives in the R* dispersed database the board system.ACM Transactions on Database Systems, 11(4), pp.378-396. 13. Tsichritzis, D. what's more, Klug, A. (1978). The ANSI/X3/SPARC DBMS structure report of the investigation bunch on database the board systems.Information Systems, 3(3), pp.173-191. 14. Govindaraju, N., Gray, J., Kumar, R. furthermore, Manocha, D. (2006). GPUTeraSort.Proceedings of the 2006 ACM SIGMOD universal meeting on Management of information - SIGMOD '06. 15. Vldb.org, (2015). [online] Available at: https://www.vldb.org/conf/1986/P294.PDF [Accessed 2 Sep. 2015]. 16. Butterworth, P., Otis, A. furthermore, Stein, J. (1991). The GemStone object database the board system.Communications of the ACM, 34(10), pp.64-77. 17. Kemper, A. also, Moerkotte, G. (1994). Item situated database the board: applications in building and PC science.Prentice-Hall, Inc., [online] p. Accessible at: https://dl.acm.org/citation.cfm?id=174450 [Accessed 2 Sep. 2015]. 18. Menasc, D. what's more, Nakanishi, T. (1982). Idealistic versus skeptical simultaneousness control instruments in database the executives systems.Information Systems, 7(1), pp.13-27.