Sign up Log in
rjees logo



Adoption of Internet Voting Platform Containing Data Injection Threats with Structured LINQ

Authors: Nwankwo W, Njoku CC

ABSTRACT

Web-based and other electronic voting platforms are growing as some countries have considered them viable in ensuring transparency and accountability during elections. One of the most cited challenges that hinders widespread adoption borders on cybersecurity. In modern times, attackers and cyber criminals have developed automated tools that could exploit seemingly secured data intensive applications within few minutes resulting to data breaches and losses. Data injection attacks (DIA) are prevalent on web applications and software engineers are combatting the trend using techniques such as parameterized queries (PQ), stored procedures (SP), and language integrated query (LINQ). This paper is aimed at evaluating the effectiveness of LINQ in circumventing DIA directed to internet voting application (IVP). This paper employed a hybrid approach comprising object-oriented techniques (OOT), exploitation, and vulnerability analysis respectively. OOT was used to develop two streams of IVP with C# as the base language. The two software streams were: Fully LINQ-based, and embedded SQL-based with LINQ. Vulnerability analysis were conducted on both application streams using the SQLMAP installed on kali Linux. The results showed that a LINQ-only platform offered good resistance to data injection, whereas the application stream with traditional embedded SQL was susceptible to exploitation with SQLMAP. It is concluded that the use of carefully structured LINQ could effectively circumvent web-based injection attacks in IVPs.


Affiliations: Department of Computer Science, Edo University Iyamho, Edo State, Nigeria.
Keywords: Internet Voting, LINQ, Stored Procedures, Parameterized Queries, Data Injection, Vulnerability
Published date: 2019/12/30

Download Full Text

SUBMIT A MANUSCRIPT

ISSN: 2635-3342 (Print)

ISSN: 2635-3350 (Online)

DOI: In progress

ISI Impact Factor: In progress

Indexing & Abstracting
google scholar Directory of research journal indexing JIFactor Info base index scientific journal impact factor

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License



(+234) 806 927 5563

Chemical Engineering Department, Faculty of Engineering, University of Benin, PMB 1154, Ugbowo, Benin City, Edo State, Nigeria.