Ponte Academic Journal
Jun 2022, Volume 78, Issue 6

MACHINE LEARNING APPROACH TO ADDRESS SQL INJECTION ATTACKS IN WEB APPLICATIONS

Author(s): Elegbeleye Femi, Malema Chris, Kesewaa Koranteng

J. Ponte - Jun 2022 - Volume 78 - Issue 6
doi: 10.21506/j.ponte.2022.6.3



Abstract:
Web applications are easily accessible to cybercriminals and are the main targets for malicious attacks. Web application attacks raise security concerns for individuals and organizations because they may cause financial loss and information leaks that may erode clients’ trust. SQL injection is a very dangerous type of web application attack that targets databases. Cross-Site Scripting is another web application attack that redirects users to phishing websites. Although tools are available to monitor and detect SQL injection and Cross-Site Scripting, the potential impact of these tools is insufficient. Therefore, a gap in this domain is the development of tools that can adequately monitor and detect web application attacks, viz. SQL injection and Cross-Site Scripting. In this study, a security solution is proposed that uses an artificial neural network (ANN) to protect web applications against attacks. The solution was tested on five web applications with weak security and another five with strong security, and the experiments demonstrated that it could effectively identify malicious SQL queries with negligible performance overhead. The solution has also been developed into a prototype Java-based web application firewall called Web Applications Firewall using Artificial Neural Networks (WAFANN). The security solution will benefit cloud service providers, website hosting services, website development companies, and individuals who develop websites. Owing to the inadequacy of web applications available to test this solution, this research bases its conclusion that the solution provides efficient security against SQL injection attacks on the ten web applications used in the experiments.