"Analysis of SQL Injection Attack" by Jayeeta Majumder and Gargi Saha

International Journal of Computer Science and Informatics

Article Title

Authors

Jayeeta Majumder, Department of Computer Science and Engineering, Haldia Institute of Technology , Haldia, West Bengal IndiaFollow
Gargi Saha, Department of Computer Science and Engineering, Haldia Institute of Technology , Haldia, West Bengal IndiaFollow

Abstract

SQL injection attacks are a serious security threat to Web applications. They allow attackers to obtain unrestricted access to the databases underlying the applications and to the potentially sensitive information these database contain. Various researchers and practitioners have proposed various methods to address the SQL injection problem. To address this problem, we present an extensive review of the various types of SQL injection attacks known to date. For each type of attack, we provide descriptions and examples of how attacks of that type could be performed. We also present a methodology to prevent SQL injection attacks. It concentrates on the SQL queries and SQL stored procedure where input parameters are injected by the attacker. After a rigorous input validation with our proposed SQL security model will ensure input validation.

Recommended Citation

Majumder, Jayeeta and Saha, Gargi (2013) "Analysis of SQL Injection Attack," International Journal of Computer Science and Informatics: Vol. 2 : Iss. 4 , Article 7.
Available at: https://www.interscience.in/ijcsi/vol2/iss4/7

Download

Included in

Computer Engineering Commons, Information Security Commons, Systems and Communications Commons

COinS