Abstract
: “Data Dictionary Based Mechanism Against SQL Injection Attacks” which helps and manages the important private customer data in a secured manner by mirroring the database structures into unique secure mirroring tables which is managed in a differently managed secure data management system. This plays an effective medium in the prevention of SQL Injection, which is one of the main web attack terminology which is effective utilized by various hackers to steal data from organizations which managed their transactions through online transactions and databases. This is a unique type of intrusion that takes advantage of improperly managed coding in the web applications. SQLIA allows intruders to inject SQL commands into access data’s from the web forms to allow them to gain access to the data held within your database. In this paper we will discuss several types of SQLIAs, existing techniques and their drawbacks. Finally I have proposed a solution for detection using data dictionary and prevention using the intrusion search along with ASCII values. I have implemented it using ASP.net with VB.net and SQL server 2008, although this algorithm can be implemented in any language and for any database platform with minimal modifications.