A detailed survey on various aspects of SQL Injection: vulnerabilities, innovative attacks, and remedies
In today’s world, Web applications play a very important role in individual life as well as in any country’s development. Web applications have gone through a very rapid growth in the recent years and their adoption is moving faster than that was expected few years ago. Now-a-days, billions of trans...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
International Information Institute, Japan
2011
|
| Subjects: | |
| Online Access: | http://irep.iium.edu.my/10624/ http://irep.iium.edu.my/10624/ http://irep.iium.edu.my/10624/1/Revised_manus_Jour-INFORMATION-sub_v3.pdf |
| id |
iium-10624 |
|---|---|
| recordtype |
eprints |
| spelling |
iium-106242011-12-21T03:57:29Z http://irep.iium.edu.my/10624/ A detailed survey on various aspects of SQL Injection: vulnerabilities, innovative attacks, and remedies Diallo , Abdoulaye Kindy Pathan, Al-Sakib Khan QA75 Electronic computers. Computer science QA76 Computer software In today’s world, Web applications play a very important role in individual life as well as in any country’s development. Web applications have gone through a very rapid growth in the recent years and their adoption is moving faster than that was expected few years ago. Now-a-days, billions of transactions are done online with the aid of different Web applications. Though these applications are used by hundreds of people, in many cases the security level is weak, which makes them vulnerable to get compromised. In most of the scenarios, a user has to be identified before any communication is established with the backend database. An arbitrary user should not be allowed access to the system without proof of valid credentials. However, a crafted injection gives access to unauthorized users. This is mostly accomplished via SQL Injection input. In spite of the development of different approaches to prevent SQL injection, it still remains an alarming threat to Web applications. In this paper, we present a detailed survey on various types of SQL Injection vulnerabilities, attacks, and their prevention techniques. Alongside presenting our findings from the study, we also note down future expectations and possible development of countermeasures against SQL Injection attacks. International Information Institute, Japan 2011 Article PeerReviewed application/pdf en http://irep.iium.edu.my/10624/1/Revised_manus_Jour-INFORMATION-sub_v3.pdf Diallo , Abdoulaye Kindy and Pathan, Al-Sakib Khan (2011) A detailed survey on various aspects of SQL Injection: vulnerabilities, innovative attacks, and remedies. Information Journal. ISSN 1343-4500 (P), 1344-8994 (O) (In Press) http://www.information-iii.org/information_journal.html |
| repository_type |
Digital Repository |
| institution_category |
Local University |
| institution |
International Islamic University Malaysia |
| building |
IIUM Repository |
| collection |
Online Access |
| language |
English |
| topic |
QA75 Electronic computers. Computer science QA76 Computer software |
| spellingShingle |
QA75 Electronic computers. Computer science QA76 Computer software Diallo , Abdoulaye Kindy Pathan, Al-Sakib Khan A detailed survey on various aspects of SQL Injection: vulnerabilities, innovative attacks, and remedies |
| description |
In today’s world, Web applications play a very important role in individual life as well as in any country’s development. Web applications have gone through a very rapid growth in the recent years and their adoption is moving faster than that was expected few years ago. Now-a-days, billions of transactions are done online with the aid of different Web applications. Though these applications are used by hundreds of people, in many cases the security level is weak, which makes them vulnerable to get compromised. In most of the scenarios, a user has to be identified before any communication is established with the backend database. An arbitrary user should not be allowed access to the system without proof of valid credentials. However, a crafted injection gives access to unauthorized users. This is mostly accomplished via SQL Injection input. In spite of the development of different approaches to prevent SQL injection, it still remains an alarming threat to Web applications. In this paper, we present a detailed survey on various types of SQL Injection vulnerabilities, attacks, and their prevention techniques. Alongside presenting our findings from the study, we also note down future expectations and possible development of countermeasures against SQL Injection attacks. |
| format |
Article |
| author |
Diallo , Abdoulaye Kindy Pathan, Al-Sakib Khan |
| author_facet |
Diallo , Abdoulaye Kindy Pathan, Al-Sakib Khan |
| author_sort |
Diallo , Abdoulaye Kindy |
| title |
A detailed survey on various aspects of SQL Injection: vulnerabilities, innovative attacks, and remedies |
| title_short |
A detailed survey on various aspects of SQL Injection: vulnerabilities, innovative attacks, and remedies |
| title_full |
A detailed survey on various aspects of SQL Injection: vulnerabilities, innovative attacks, and remedies |
| title_fullStr |
A detailed survey on various aspects of SQL Injection: vulnerabilities, innovative attacks, and remedies |
| title_full_unstemmed |
A detailed survey on various aspects of SQL Injection: vulnerabilities, innovative attacks, and remedies |
| title_sort |
detailed survey on various aspects of sql injection: vulnerabilities, innovative attacks, and remedies |
| publisher |
International Information Institute, Japan |
| publishDate |
2011 |
| url |
http://irep.iium.edu.my/10624/ http://irep.iium.edu.my/10624/ http://irep.iium.edu.my/10624/1/Revised_manus_Jour-INFORMATION-sub_v3.pdf |
| first_indexed |
2023-09-18T20:20:01Z |
| last_indexed |
2023-09-18T20:20:01Z |
| _version_ |
1777408044277170176 |