Please use this identifier to cite or link to this item: http://ir.futminna.edu.ng:8080/jspui/handle/123456789/28693
Title: Classification of Sql Injection Detection And Prevention Measure
Authors: Atiku, Mustapha
Saidu Aliero, Muhammad
Aliyu Ardo, Abdulhamid
Ghani, Imran
Keywords: SQL Injection, Defensive Coding, Injection Parameter, SQLI vulnerability.
Issue Date: Feb-2016
Publisher: IOSR Journal of Engineering
Citation: Aliero, M. S., Ardo, A. A., Ghani, I., & Atiku, M. (2016). Classification of Sql Injection Detection And Prevention Measure. IOSR Journal of Engineering, 6(02).
Series/Report no.: Volume 6;Issue 2
Abstract: : SQL injection vulnerability is the one of the most common web-based application vulnerabilities that can be exploited by SQL injection attack to gain access to restricted data, bypass authentication mechanism, and execute unauthorized data manipulation language. Defensive coding is a simple and affordable way to tackle this problem, however there are some issue regarding use of defensive coding which makes the system in effective, less resistant and resilience to attack. In this paper we provide detailed background of SQLIA (SQL Injection Attack), classified defensive coding to different categories, reviewed existing technique that are related to each techniques, state strength and weakness of such technique, evaluate such technique based on number of attacks they were able to stop and evaluate each category of approach based on its deployment requirements related to inheritance. The goal of this paper is to provide programmers with common issues that need to be considered before choosing a particular technique and to raise awareness of issues related to such techniques as many of those techniques were not meant for the purpose of protection of SQLIA. In addition, we hope to provide researchers by shedding light on how to develop good SQLI (SQL Injection) protection tools as most of the SQLI protection tools were developed using combination a of two or more defensive coding techniques. Lastly we provide recommendations on to avoid such issues.
URI: http://repository.futminna.edu.ng:8080/jspui/handle/123456789/28693
ISSN: ISSN (e): 2250-3021
Appears in Collections:Information and Media Technology

Files in This Item:
File Description SizeFormat 
SQL INJECTION.pdfJOURNAL230.93 kBAdobe PDFView/Open


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.