http://www.iaeme.com/IJCIET/index.asp 42 editor@iaeme.com International Journal of Computer Engineering & Technology (IJCET) Volume 6, Issue 10, Oct 2015, pp. 42-50, Article ID: IJCET_06_10_005 Available online at http://www.iaeme.com/IJCET/issues.asp?JType=IJCET&VType=6&IType=10 ISSN Print: 0976-6367 and ISSN Online: 0976–6375 © IAEME Publication ___________________________________________________________________________ DEFEATING SQL INJECTION USING QUERY STRING ATTACK PREVENTION TECHNIQUE U. V. Anbazhagu Assistant Professor, Department of Computer Science and Engineering, VELS UNIVERSITY, Pallavaram, Chennai, India. P. Deepalakshmi and J.S.Praveen Research Scholar , AMET University, Chennai, India. ABSTRACT The ever-increasing dependence on web applications have made a natural target for attackers. Among these attacks SQL Injection Attacks (SQLIA) are the most common. SQL injection attack is a technique to exploit security vulnerability in the database layer of a Web application. In SQLIA, the attacker injects some malicious query to the database in order to change the structure of the query intended by the programmer and thereafter, gain access of database. After accessing the user’s data the actual database can be changed or modified or destroyed. The main cause of such type of attack is the lack of input validation and web administration. Now a day the all important records and details are processed over internet such as the online banking, studies, research works, online examinations. So the main challenge for the developer to keep these records and details out of reach from the hacker or attacker.In this paper Query String Attack Prevention Technique is proposed for detection and prevention technique of SQL injection attack. Key words: WEB application, SQLIA, detection, prevention, vulnerabilities, Web architecture. Cite this Article: Anbazhagu, U. V., Deepalakshmi, P. and Praveen, J. S. Defeating SQL Injection Using Query String Attack Prevention Technique. International Journal of Computer Engineering and Technology, 6(10), 2015, pp. 42-41. http://www.iaeme.com/IJCET/issues.asp?JType=IJCET&VType=6&IType=10 1. INTRODUCTION Web Application hacking such as Injection attacks take advantage of improperly coded applications to insert and execute attacker-specified commands, enabling access to critical data and resources. Web applications need a defense-in-depth