WEB BASED DATABASE SECURITY IN INTERNET OF THINGS USING FULLY HOMOMORPHIC ENCRYPTION AND DISCRETE BEE COLONY OPTIMIZATION

IF 1.1 4区计算机科学 Q4 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE Malaysian Journal of Computer Science Pub Date : 2020-11-27 DOI:10.22452/mjcs.sp2020no1.1

Samuel Raj Samuel Raj, M. V. Prakash, T. Prince, K. Shankar, Vijayakumar Varadarajan, Fredi Nonyelu

{"title":"WEB BASED DATABASE SECURITY IN INTERNET OF THINGS USING FULLY HOMOMORPHIC ENCRYPTION AND DISCRETE BEE COLONY OPTIMIZATION","authors":"Samuel Raj Samuel Raj, M. V. Prakash, T. Prince, K. Shankar, Vijayakumar Varadarajan, Fredi Nonyelu","doi":"10.22452/mjcs.sp2020no1.1","DOIUrl":null,"url":null,"abstract":"Web applications are utilized on an extensive scale across the globe and it handles sensitive individual information of users. Structured Query Language (SQL) Data Inference (DI) and injection are procedures that abuse a security defenselessness occurring in the database layer of an application. This research article focuses on website page database security with the help of optimization and encryption methods for Web of Things Environments. Initially, the selected queries in webpage application are injected as per Discrete Bee Colony Optimization (DBCO) procedure. After the Proxy filtering, the injection prevention model is utilized, the injected data with various queries of different special characters are utilized. At long last, the attack gets detected depending on the user query with the assistance of query tree mechanism. Besides, an effective Fully Homomorphic Encryption (FHE) encryption is proposed in the study. From the implementation results, it is to be noted that the proposed method achieved 93.56% security level for the prevented webpage implication-based databases. The effect on the businesses must be comprehended to decrease the risk involved in SQL and DI injection assaults.","PeriodicalId":49894,"journal":{"name":"Malaysian Journal of Computer Science","volume":" ","pages":""},"PeriodicalIF":1.1000,"publicationDate":"2020-11-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Malaysian Journal of Computer Science","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.22452/mjcs.sp2020no1.1","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 4

Abstract

Web applications are utilized on an extensive scale across the globe and it handles sensitive individual information of users. Structured Query Language (SQL) Data Inference (DI) and injection are procedures that abuse a security defenselessness occurring in the database layer of an application. This research article focuses on website page database security with the help of optimization and encryption methods for Web of Things Environments. Initially, the selected queries in webpage application are injected as per Discrete Bee Colony Optimization (DBCO) procedure. After the Proxy filtering, the injection prevention model is utilized, the injected data with various queries of different special characters are utilized. At long last, the attack gets detected depending on the user query with the assistance of query tree mechanism. Besides, an effective Fully Homomorphic Encryption (FHE) encryption is proposed in the study. From the implementation results, it is to be noted that the proposed method achieved 93.56% security level for the prevented webpage implication-based databases. The effect on the businesses must be comprehended to decrease the risk involved in SQL and DI injection assaults.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

基于全同态加密和离散蜂群优化的物联网Web数据库安全

Web应用程序在全球范围内被广泛使用，它处理用户的敏感个人信息。结构化查询语言（SQL）数据推理（DI）和注入是滥用应用程序数据库层中发生的安全防御能力的过程。本文借助物联网环境的优化和加密方法，重点研究网站页面数据库的安全性。最初，在网页应用程序中选择的查询是按照离散蜂群优化（DBCO）过程注入的。在代理过滤之后，利用注入防止模型，利用具有不同特殊字符的各种查询的注入数据。最后，在查询树机制的辅助下，根据用户查询来检测攻击。此外，本文还提出了一种有效的全同态加密算法。从实现结果来看，值得注意的是，对于被阻止的基于网页含义的数据库，所提出的方法实现了93.56%的安全级别。必须理解对业务的影响，以降低SQL和DI注入攻击所涉及的风险。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Malaysian Journal of Computer Science COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE-COMPUTER SCIENCE, THEORY & METHODS

CiteScore

2.20

自引率

33.30%

发文量

审稿时长

7.5 months

期刊介绍： The Malaysian Journal of Computer Science (ISSN 0127-9084) is published four times a year in January, April, July and October by the Faculty of Computer Science and Information Technology, University of Malaya, since 1985. Over the years, the journal has gained popularity and the number of paper submissions has increased steadily. The rigorous reviews from the referees have helped in ensuring that the high standard of the journal is maintained. The objectives are to promote exchange of information and knowledge in research work, new inventions/developments of Computer Science and on the use of Information Technology towards the structuring of an information-rich society and to assist the academic staff from local and foreign universities, business and industrial sectors, government departments and academic institutions on publishing research results and studies in Computer Science and Information Technology through a scholarly publication. The journal is being indexed and abstracted by Clarivate Analytics'' Web of Science and Elsevier''s Scopus