43a Ash Street Southport PR8 6JE[email protected]

Databases

A database stores and organises data, helping everyone from the user to organisations. Data is often accessed through the internet, allowing large volumes of data to be accessed by large volumes of users simultaneously as explained by Chaki et al (2019). The importance of a database especially on database driven websites makes it a target of malicious attacks, exploiting flaws to cause failures. Ross et al (2017) state that a common method of attack is known as ‘SQL Injection Attacks’, where a user looking to exploit a flaw will use known SQL functions to inject unwanted or destructive data into a database. Singh et al (2019) provide two broad categories used to prevent Injection based attacks, the first is known as ‘Anomaly Based Detection’ and the second is known as ‘Signature Based Detection’. Anomaly based detection identifies behaviour that is unusual or abnormal in comparison to the baseline for an entity. Signature based detection compares attempted entries against a known list of malicious injections. Whilst there are applications that utilise a variety of attack prevention methods, they exist as sophisticated versions of one of the two categories.

At Anthropoid we take data handling seriously and that is why all our databases are heavily protected, one of our methods that we use is Cloudflare protection, used to protect cloud-based databases from the above attacks.

CHAKI, S.M.H. and DIN, M.M., 2019. A Survey on SQL Injection Prevention Methods. International Journal of Innovative Computing9(1).

ROSS, K., MOH, M., MOH, T.S. and Yao, J., 2017. Poster: Multi-source data analysis for SQL injection detection. In 38th IEEE Symposium on Security and Privacy (IEEE S&P), San Jo-se, CA.

SINGH, T. and AKSANLI, B., 2019. November. Real-time Traffic Monitoring and SQL Injection Attack Detection for Edge Networks. In Proceedings of the 15th ACM International Symposium on QoS and Security for Wireless and Mobile Networks. pp. 29-36.

Leave a Reply

Your email address will not be published. Required fields are marked *