Publication Type : Journal Article
Publisher : Communications in Computer and Information Science
Source : Communications in Computer and Information Science, Springer Verlag, Volume 536, p.538-546 (2015)
Url : https://www.scopus.com/inward/record.uri?eid=2-s2.0-84983371456&partnerID=40&md5=cbd510f06c9e6fb7fd3132c9efd4f99c
Keywords : Application development, Automata theory, Automaton, Big data, Digital storage, Effective performance, MongoDB, Network security, Non-Relational Databases, Prevention techniques, Relational Database, Storage and retrievals
Campus : Coimbatore
School : School of Engineering
Department : Computer Science
Year : 2015
Abstract : The eminent web-applications of today are data-intensive. The data generated is of the order of petabytes and zetabytes. Using relational databases for storing them only complicates the storage and retrieval in the DB and degradation of its performance. The big data explosion demanded the need for a more flexible, high-performance storage concept the NoSQL movement. The NoSQL databases were designed to overcome the flaws of the relational databases including the security aspects. The effective performance and efficient storage criteria were satisfied by the non-relational databases. The attackers, as usual found their way into the NoSQL databases that were considered to be secure. The injection attacks, one of the top-listed attack type of the relational databases poses threat to the non-relational databases as well. MongoDB is one of the prominent NoSQL databases to which the application development trends are shifting. In this paper, we present the different injection attacks on the leading NoSQL database and an automata based detection and prevention technique for this attack. We also evaluate the effectiveness on different subjects with a number of legitimate as well as illegitimate inputs. Our results show that our approach was able to detect all the attacks. © Springer International Publishing Switzerland 2015.
Cite this Research Publication : S. Joseph and Jevitha, K. P., “An automata based approach for the prevention of NOSQL injections”, Communications in Computer and Information Science, vol. 536, pp. 538-546, 2015.