Systematic literature review on SQL injection attack
SQL injection attack is a common threat to web applications that utilizes poor input validation to implement attack on a target database. It is becoming a very serious problem in web applications as successful execution leads to loss of integrity and confidentiality and this makes it a very sensitiv...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Medwell Journals
2016
|
| Online Access: | http://psasir.upm.edu.my/id/eprint/29102/1/Systematic%20literature%20review%20on%20SQL%20injection%20attack.pdf http://psasir.upm.edu.my/id/eprint/29102/ http://www.medwelljournals.com/abstract/?doi=ijscomp.2016.26.35 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Universiti Putra Malaysia |
| Language: | English |
| id |
my.upm.eprints.29102 |
|---|---|
| record_format |
eprints |
| spelling |
my.upm.eprints.291022016-06-20T05:57:45Z http://psasir.upm.edu.my/id/eprint/29102/ Systematic literature review on SQL injection attack Aminu, Lawal Muhammad Md Sultan, Abu Bakar Shakiru, Ayanloye O. SQL injection attack is a common threat to web applications that utilizes poor input validation to implement attack on a target database. It is becoming a very serious problem in web applications as successful execution leads to loss of integrity and confidentiality and this makes it a very sensitive issue of software security. The study presents a Systematic Literature Review (SLR) on SQL Injection Attacks (SQLIA) following Kitchenham's procedure of performing systematic literature review. This study gives a review on SQL injection attack, detection and prevention techniques. In the end, an evaluation of the techniques is carried out to check the effectiveness of each technique based on how many method of attack it can detect and prevent. It is imperative to note that a good number of the evaluated techniques were able to detect and prevent all types of SQLIA based on the selected criteria. To determine the best technique resources such as memory and processing time need to be considered in the evaluation. Medwell Journals 2016 Article PeerReviewed application/pdf en http://psasir.upm.edu.my/id/eprint/29102/1/Systematic%20literature%20review%20on%20SQL%20injection%20attack.pdf Aminu, Lawal Muhammad and Md Sultan, Abu Bakar and Shakiru, Ayanloye O. (2016) Systematic literature review on SQL injection attack. International Journal of Soft Computing, 11 (1). pp. 26-35. ISSN 1816-9503 http://www.medwelljournals.com/abstract/?doi=ijscomp.2016.26.35 10.3923/ijscomp.2016.26.35 |
| institution |
Universiti Putra Malaysia |
| building |
UPM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Putra Malaysia |
| content_source |
UPM Institutional Repository |
| url_provider |
http://psasir.upm.edu.my/ |
| language |
English |
| description |
SQL injection attack is a common threat to web applications that utilizes poor input validation to implement attack on a target database. It is becoming a very serious problem in web applications as successful execution leads to loss of integrity and confidentiality and this makes it a very sensitive issue of software security. The study presents a Systematic Literature Review (SLR) on SQL Injection Attacks (SQLIA) following Kitchenham's procedure of performing systematic literature review. This study gives a review on SQL injection attack, detection and prevention techniques. In the end, an evaluation of the techniques is carried out to check the effectiveness of each technique based on how many method of attack it can detect and prevent. It is imperative to note that a good number of the evaluated techniques were able to detect and prevent all types of SQLIA based on the selected criteria. To determine the best technique resources such as memory and processing time need to be considered in the evaluation. |
| format |
Article |
| author |
Aminu, Lawal Muhammad Md Sultan, Abu Bakar Shakiru, Ayanloye O. |
| spellingShingle |
Aminu, Lawal Muhammad Md Sultan, Abu Bakar Shakiru, Ayanloye O. Systematic literature review on SQL injection attack |
| author_facet |
Aminu, Lawal Muhammad Md Sultan, Abu Bakar Shakiru, Ayanloye O. |
| author_sort |
Aminu, Lawal Muhammad |
| title |
Systematic literature review on SQL injection attack |
| title_short |
Systematic literature review on SQL injection attack |
| title_full |
Systematic literature review on SQL injection attack |
| title_fullStr |
Systematic literature review on SQL injection attack |
| title_full_unstemmed |
Systematic literature review on SQL injection attack |
| title_sort |
systematic literature review on sql injection attack |
| publisher |
Medwell Journals |
| publishDate |
2016 |
| url |
http://psasir.upm.edu.my/id/eprint/29102/1/Systematic%20literature%20review%20on%20SQL%20injection%20attack.pdf http://psasir.upm.edu.my/id/eprint/29102/ http://www.medwelljournals.com/abstract/?doi=ijscomp.2016.26.35 |
| _version_ |
1643829660554887168 |