SQL Injection Attacks and Defense Mechanisms

Abstract

Protection of data is essential in this rapidly evolving technological world, as many users rely on database management systems to protect and store sensitive or personal data. Hackers use various methods to invade users' privacy, such as SQL injection attacks, denial of service, and weak authentication. There are several measures to counter these attacks, such as vulnerability scanners, input validation, firewalls and intrusion detection systems, two-factor authentication, and password complexity. This paper studies the types of database attacks and their countermeasures, and proposes an approach to defend against these attacks.

Country: India

Omkar Kamleshwar Kambre (1), Kabir Kiran Shah (2), Pankaj Dulabhai Rathod (3)

  1. Department of Information Technology, SVKM’s Shri Bhagubhai Mafatlal Polytechnic, Mumbai, India
  2. Department of Information Technology, SVKM’s Shri Bhagubhai Mafatlal Polytechnic, Mumbai, India
  3. Senior Lecturer, Dept. of Information Technology, SVKM’s Shri Bhagubhai Mafatlal Polytechnic, Mumbai, India

IRJIET, Volume 7, Issue 2, February 2023 pp. 101-106

doi.org/10.47001/IRJIET/2023.702016
