@article{MAKHILLAJIT201615226499,
    title = {Automatic Prevention of Union Query Type SQL Injection Attack Using Private Synonym and Error Message Controller},
    journal = {Asian Journal of Information Technology},
    volume = {15},
    number = {22},
    pages = {4445-4449},
    year = {2016},
    issn = {1682-3915},
    doi = {ajit.2016.4445.4449},
    url = {https://makhillpublications.co/view-article.php?issn=1682-3915&doi=ajit.2016.4445.4449},
    author = {N. and},
    keywords = {Database security,SQLIA,web application,security threats,run time monitoring},
    abstract = {Web applications are software applications which allow the end users to access the most valuable
services like credit card services, purchase orders, online booking services and so on. The developers of the
web applications pay more concentration on developing the features and functionality of the applications. They
spend only little amount of time to secure web applications. Unfortunately, the web applications are vulnerable
to various threats like SQLIA, cross site scripting, buffer overflow, etc. Despite, the web applications are
vulnerable to many kinds of threats and attacks, SQLIA (SQL injection attack) is the most vulnerable to web
applications. It is a kind of attack where malicious users try to access the database layer of an application
through crafted input query strings. Ignoring the existence of these kinds of attacks leads to various kinds of
SQLIA. One among them is union queries SQL injection attack. Through this attack, an attacker gets the result
set of original query along with the result set of injected query. This study analyzes the weaknesses of union
query SQL injection attack and proposes a novel approach to prevent the union query at run time.}
    }