UPM Institutional Repository

SQL Injection attack roadmap and fusion


Umar, Kabir and Md Sultan, Abu Bakar and Zulzalil, Hazura and Admodisastro, Novia and Abdullah @ Selimun, Mohd Taufik (2016) SQL Injection attack roadmap and fusion. Indian Journal of Science and Technology, 9 (28). pp. 1-10. ISSN 0974-6846; ESSN: 0974-5645


With SQL Injection, an attacker can change the intended effect of dynamically generated query in a web Application. This can lead to unauthorized access to the database underlying web application, and harmful transactions on the potentially sensitive information contained in the database. Clear understanding of a problem always assists in finding stronger solution to the problem. In this paper, we conducted an extensive review of several empirical studies on SQL injection attacks and vulnerabilities, with the goal of providing the research community with better insight into possible relationship that exists between different types of SQL Injection Attacks (SQLIAs), and the types of vulnerabilities exploited by each. Consequently, the result of our study is presentation of SQLIAs fusion which shows how different types of SQLIAs lead to one another, and also presentation of step by step SQLIA roadmap. We are very optimistic that our study can help the research community with clearer understanding of SQL Injections, and thus facilitates emergence of stronger solutions to the long standing problem.

Download File

SQL Injection attack roadmap and fusion.pdf

Download (5kB) | Preview

Additional Metadata

Item Type: Article
Divisions: Faculty of Computer Science and Information Technology
DOI Number: https://doi.org/10.17485/ijst/2016/v9i28/97810
Publisher: Indian Society for Education and Environment
Keywords: Attack intents; Attack mechanism; Inter-attacks relationship; Vulnerabilities exploitation; Web applications
Depositing User: Nurul Ainie Mokhtar
Date Deposited: 15 Feb 2018 09:14
Last Modified: 15 Feb 2018 09:14
Altmetrics: http://www.altmetric.com/details.php?domain=psasir.upm.edu.my&doi=10.17485/ijst/2016/v9i28/97810
URI: http://psasir.upm.edu.my/id/eprint/53870
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item