Structure Query Language, Injections Attack (SQLIA) is a burning issue now a days in static
applications and web applications databases. SQL Injection ignores the authentication checks and
affects the confidentiality of the database. SQLIA helps the invader to get the illegal access of the
whole database and operate it. Through injection attacks, malfunctioning code can be entered in a site.The existing tools and techniques like SQLRand, CANID, AMNESIA and SQL DOM mainly
focus on providing access to the database only to the authenticated users. These tools do not provide
complete prevention measures against the SQLIA. In this research, Intrusion Detection and Prevention
Model for SQL Injection Attacks will be introduced.
The proposed IDPMIA will detect the malicious queries before execution and reconstruct these
malicious queries. Whenever attackers will try to inject a suspicious query, it would by immediately
recognized by IDPMIA and protective actions will be taken. The proposed approach will be justified
through case studies where multiple SQL Injection attacks will simulate and results will be analyzed
using the proposed model and existing state of the art techniques from literature.