A Detailed Survey on Various Aspects of SQL Injection in Web Applications: Vulnerabilities, Innovative Attacks, and Remedies
Diallo Abdoulaye Kindy, Al-Sakib Khan Pathan

TL;DR
This paper provides a comprehensive survey of SQL Injection vulnerabilities, attack methods, and prevention techniques in web applications, highlighting ongoing challenges and future directions for securing online systems.
Contribution
It offers an extensive review of SQL Injection types, innovative attack strategies, and discusses current and future countermeasures, filling gaps in existing security research.
Findings
SQL Injection remains a significant threat despite prevention efforts.
Various attack techniques have evolved, complicating defense strategies.
Future research should focus on developing more robust and adaptive countermeasures.
Abstract
In today's world, Web applications play a very important role in individual life as well as in any country's development. Web applications have gone through very rapid growth in recent years, and their adoption is moving faster than was expected a few years ago. Nowadays, billions of transactions are done online with the aid of different Web applications. Though these applications are used by hundreds of people, in many cases the security level is weak, which makes them vulnerable to compromise. In most scenarios, a user has to be identified before any communication is established with the backend database. An arbitrary user should not be allowed access to the system without proof of valid credentials. However, a crafted injection gives access to unauthorized users. This is mostly accomplished via SQL Injection input. In spite of the development of different…
