1001 Joined Procedure Strategy: A New Approach for SQL Infusion Shahriat Hossain Dept. of CSE University of South Asia Bangladesh E-mail: somel90@gmail.com Kh Ashique Mahmud Dept. of CSE University of South Asia Bangladesh E-mail:ashique12009@gmail.com Md. Tomig Uddin Ahmed Planning Division Ministry of Planning Bangladesh E-mail: ssa@plandiv.gov.bd Abstract - Users are using web applications for their personal or business interests like blog, email, e-commerce and ERP solutions and the usage of these applications are increasing day-to-day life all over the world. Web Developers develop these systems using different programming languages and store user’s information into the database system like SQL or MYSQL. Hacking of such web applications also has been increased in a dangerous way that can be impacted as confidential information stealing with a loss of money and important user data. Hackers are implementing different types of vulnerabilities. We face lots of security vulnerabilities of web applications at present such as XSS, CSRF, XXE etc. and SQL Injection is the top most one according to the report of OWASP. The intension of this paper is to propose a new approach Joined Procedure Strategy for SQL infusion. This paper breaks down three high level security layer approaches which are Pattern Matching, Prepared Statements and Bound Parameters and these approaches are used to protect different types of SQL injection attacks. At the end, it assesses this new Joined Procedure Strategy approach implementing each security layers on a dynamic website to mitigate SQL injections. Keywords – Joined Procedure Strategy, SQL Injection, web application vulnerabilities, SQLi mitigation strategy I. INTRODUCTION The popularity of internet is increasing in short order, the usage of web applications, mobile applications and web services also flourishing tremendously. People are using these Media for different purposes like for writing blog; manage contents, emails, ERP solutions etc. And these systems are being developed using server scripting languages and to manage data, developers are also using database languages like SQL, MYSQL. On the other hand, the risk of using web and mobile applications also are increasing horribly. Hackers are implementing different techniques known as security vulnerabilities to hack web and mobile applications and also web services. According to the report of OWASP Foundation in 2017 there are top 10 such security flaws [1] which are dangerously implementing by hackers to mass up and steal confidential information from web applications. And SQL Injection [2] [3] [4] is the top most one of those security vulnerabilities. This paper proposes a new approach to mitigate SQL injection attacks by utilizing Joined Procedure Strategy which is the combination of three high level security layer approaches. This paper ensures that this approach is significant to protect different types of SQL infusions. To evaluate this proposed approach we have used PHP, MySQL based website, and nevertheless this approach can be effortlessly adapted to different platforms with insignificant adjustments. Our trial comes about demonstrate that this approach can secure web applications without perceptible contrast in their execution.