Main Article Content


applications are used to search, sort, calculate, report and share information. Databases
can also contain code to perform mathematical and statistical calculations on the data to support queries
submitted by users. Databases allow for data to be stored quickly and easily and are used in many aspects of
your daily life. SQL injection is a code injection technique, used to attack data-driven applications, in which
malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to
the attacker). The most common cause of database vulnerabilities is a lack of due care at the moment they
are deployed. In this paper, we propose SEPTIC(Self-ProtecTIng databases from attaCks), a mechanism for
DBMS attack prevention, which can also assist on the identification of the vulnerabilities in the applications.
To implement SEPTIC mechanism, we develop an online shopping application. The user may browse
through these products as per categories. If the user likes a product, he/she can add it to his/her shopping
cart. Once user wishes to checkout, he must register on the site first. Once the user makes a successful
transaction admin will get report of his bought products. To develop a secure path for transaction done
by the user AES algorithm is an (Advanced Encryption Standard) encryption technique, the
transaction and user account details can be made secured.


SQL injection, Attack Detection, Attack Prevention, DBMS, Machine Learning.

Article Details

How to Cite
“SURVEY ON DETECTING SQL INJECTION ATTACK INSIDE THE DBMS USING SEPTIC”, IEJRD - International Multidisciplinary Journal, vol. 4, no. Special Issue, p. 5, Apr. 2019.