SQL Injection attack roadmap and fusion
With SQL Injection, an attacker can change the intended effect of dynamically generated query in a web Application. This can lead to unauthorized access to the database underlying web application, and harmful transactions on the potentially sensitive information contained in the database. Clear unde...
| Huvudupphovsmän: | , , , , |
|---|---|
| Materialtyp: | Artikel |
| Språk: | English |
| Publicerad: |
Indian Society for Education and Environment
2016
|
| Länkar: | http://psasir.upm.edu.my/id/eprint/53870/1/SQL%20Injection%20attack%20roadmap%20and%20fusion.pdf |
| _version_ | 1825930932611186688 |
|---|---|
| author | Umar, Kabir Md Sultan, Abu Bakar Zulzalil, Hazura Admodisastro, Novia Abdullah @ Selimun, Mohd Taufik |
| author_facet | Umar, Kabir Md Sultan, Abu Bakar Zulzalil, Hazura Admodisastro, Novia Abdullah @ Selimun, Mohd Taufik |
| author_sort | Umar, Kabir |
| collection | UPM |
| description | With SQL Injection, an attacker can change the intended effect of dynamically generated query in a web Application. This can lead to unauthorized access to the database underlying web application, and harmful transactions on the potentially sensitive information contained in the database. Clear understanding of a problem always assists in finding stronger solution to the problem. In this paper, we conducted an extensive review of several empirical studies on SQL injection attacks and vulnerabilities, with the goal of providing the research community with better insight into possible relationship that exists between different types of SQL Injection Attacks (SQLIAs), and the types of vulnerabilities exploited by each. Consequently, the result of our study is presentation of SQLIAs fusion which shows how different types of SQLIAs lead to one another, and also presentation of step by step SQLIA roadmap. We are very optimistic that our study can help the research community with clearer understanding of SQL Injections, and thus facilitates emergence of stronger solutions to the long standing problem. |
| first_indexed | 2024-03-06T09:19:04Z |
| format | Article |
| id | upm.eprints-53870 |
| institution | Universiti Putra Malaysia |
| language | English |
| last_indexed | 2024-03-06T09:19:04Z |
| publishDate | 2016 |
| publisher | Indian Society for Education and Environment |
| record_format | dspace |
| spelling | upm.eprints-538702018-02-15T09:14:56Z http://psasir.upm.edu.my/id/eprint/53870/ SQL Injection attack roadmap and fusion Umar, Kabir Md Sultan, Abu Bakar Zulzalil, Hazura Admodisastro, Novia Abdullah @ Selimun, Mohd Taufik With SQL Injection, an attacker can change the intended effect of dynamically generated query in a web Application. This can lead to unauthorized access to the database underlying web application, and harmful transactions on the potentially sensitive information contained in the database. Clear understanding of a problem always assists in finding stronger solution to the problem. In this paper, we conducted an extensive review of several empirical studies on SQL injection attacks and vulnerabilities, with the goal of providing the research community with better insight into possible relationship that exists between different types of SQL Injection Attacks (SQLIAs), and the types of vulnerabilities exploited by each. Consequently, the result of our study is presentation of SQLIAs fusion which shows how different types of SQLIAs lead to one another, and also presentation of step by step SQLIA roadmap. We are very optimistic that our study can help the research community with clearer understanding of SQL Injections, and thus facilitates emergence of stronger solutions to the long standing problem. Indian Society for Education and Environment 2016-07 Article PeerReviewed application/pdf en http://psasir.upm.edu.my/id/eprint/53870/1/SQL%20Injection%20attack%20roadmap%20and%20fusion.pdf Umar, Kabir and Md Sultan, Abu Bakar and Zulzalil, Hazura and Admodisastro, Novia and Abdullah @ Selimun, Mohd Taufik (2016) SQL Injection attack roadmap and fusion. Indian Journal of Science and Technology, 9 (28). pp. 1-10. ISSN 0974-6846; ESSN: 0974-5645 http://www.indjst.org/index.php/indjst/article/view/97810 10.17485/ijst/2016/v9i28/97810 |
| spellingShingle | Umar, Kabir Md Sultan, Abu Bakar Zulzalil, Hazura Admodisastro, Novia Abdullah @ Selimun, Mohd Taufik SQL Injection attack roadmap and fusion |
| title | SQL Injection attack roadmap and fusion |
| title_full | SQL Injection attack roadmap and fusion |
| title_fullStr | SQL Injection attack roadmap and fusion |
| title_full_unstemmed | SQL Injection attack roadmap and fusion |
| title_short | SQL Injection attack roadmap and fusion |
| title_sort | sql injection attack roadmap and fusion |
| url | http://psasir.upm.edu.my/id/eprint/53870/1/SQL%20Injection%20attack%20roadmap%20and%20fusion.pdf |
| work_keys_str_mv | AT umarkabir sqlinjectionattackroadmapandfusion AT mdsultanabubakar sqlinjectionattackroadmapandfusion AT zulzalilhazura sqlinjectionattackroadmapandfusion AT admodisastronovia sqlinjectionattackroadmapandfusion AT abdullahselimunmohdtaufik sqlinjectionattackroadmapandfusion |