Security testing tool for NoSQL systems

Abstract EN

NoSQL systems are becoming more popular due to their inherent advantages and solutions it provides to the limits of a relational database.

However, despite its benefits, it comes with security challenges.

In this paper, an input validation mechanism architecture is proposed for Mongo DB to detect and prevent NoSQL injection attacks, the mechanism employs a Deterministic Finite Automaton (DFA) approach to detect and prevent attacks on NoSQL systems.

Furthermore, a security comparison of some NoSQL systems is provided based on recent literature.

The security features compared are authentication, authorization, data encryption and input validation.

The proposed mechanism will improve the security of Mongo DB system because invalid inputs requests will be detected and prevented from being processed.