A Literature Review and Comparative Analyses on SQL Injection: Vulnerabilities, Attacks and their Prevention and Detection Techniques
نویسندگان
چکیده
SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application. The attack takes advantage of poor input validation in code and website administration. It allows attackers to obtain unauthorized access to the back-and database to change the intended application generated SQL queries. Researchers have proposed various solutions to address SQL injection problems. However, many of them have limitations and often cannot address all kind of injection problems. What’s more, new types of SQL injection attacks have arisen over the years. To better counter these attacks, identifying and understanding existing techniques are very important. In this research we present all SQL injection attack types and also different techniques and tools which can detect or prevent these attacks.
منابع مشابه
Survey and Comparative Analysis of SQL Injection Attacks, Detection and Prevention Techniques for Web Applications Security
Web applications witnessed a rapid growth for online business and transactions are expected to be secure, efficient and reliable to the users against any form of injection attacks. SQL injection is one of the most common application layer attack techniques used today by hackers to steal data from organizations. It is a technique that exploits a security vulnerability occurring in the database l...
متن کاملAnalysis of SQL Injection Detection Techniques
SQL Injection is one of the vulnerabilities in OWASP’s Top Ten List for Web Based Application Exploitation. These types of attacks takes place on Dynamic Web applications as they interact with the databases for the various operations. Current Content Management System like Drupal, Joomla or Wordpress have all the information stored in their databases. A single intrusion into these types of webs...
متن کاملWeb Application Vulnerabilities Monitoring & Avoiding Techniques
In recent years the great advances have occurred in the field of Information & Technology, there are several services provided by the I.T. to an ordinary user some of them may possibly depend on each other, as we know the critical aspect is Information on which everything depends. As the globalization increases the information regarding every prospective is also get increased ,so it is very nec...
متن کاملDetection and Prevention of SQL Injection attack
SQL injection is a technique where the attacker injects an input in the query in order to change the structure of the query intended by the programmer and gaining the access of the database which results modification or deletion of the user’s data. In the injection it exploits a security vulnerability occurring in database layer of an application. SQL injection attack is the most common attack ...
متن کاملProgram Analyses of Web Applications for Detecting Application-Specific Vulnerabilities
Web applications are prevalent in the modern era, regulating access to sensitive information, functionality and resources. Due to the difficulty in designing and implementing proper security checks for untrusted user inputs and actions, web applications often fall victim to various online attacks. In particular, application-specific vulnerabilities are easy to exploit and often have severe cons...
متن کامل