International Research Journal of Innovations in Engineering and Technology - IRJIET International Open Access, Monthly, Peer Reviewed, Reputed Journal ISSN (online): 2581-3048

Impact Factor (2025): 6.9

DOI Prefix: 10.47001/IRJIET

SQL Injection Attacks and Defense Mechanisms

Omkar Kamleshwar KambreDepartment of Information Technology, SVKM’s Shri Bhagubhai Mafatlal Polytechnic, Mumbai, IndiaKabir Kiran ShahDepartment of Information Technology, SVKM’s Shri Bhagubhai Mafatlal Polytechnic, Mumbai, IndiaPankaj Dulabhai RathodSenior Lecturer, Dept. of Information Technology, SVKM’s Shri Bhagubhai Mafatlal Polytechnic, Mumbai, India

Vol 7 No 2 (2023): Volume 7, Issue 2, February 2023 | Pages: 101-106

International Research Journal of Innovations in Engineering and Technology

OPEN ACCESS | Research Article | Published Date: 04-03-2023

doi Logo doi.org/10.47001/IRJIET/2023.702016

pdf iconFull Text PDF
Abstract

Protection of data is essential in this rapidly evolving technological world. As many of the users rely on the database management system for protection and storage of the sensitive/personal data. Hackers use various methods to invade the user’s privacy such as SQL Injection Attack, Denial of Service, Weak Authentication, etc. There are several measures to counter these attacks such as Vulnerability Scanners, Input Validation, Firewall and Intrusion Detection Systems, Two Factor Authentication and Password Complexity, etc. This paper studies the types of Database Attacks, their counter measures and proposes an approach to defend against these attacks.

Keywords

SQL Injection Attack, Denial of Service, Weak Authentication, Vulnerability Scanners, Input Validation, Firewall and Intrusion Detection Systems, Two Factor Authentication and Password Complexity


Citation of this Article

Omkar Kamleshwar Kambre, Kabir Kiran Shah, Pankaj Dulabhai Rathod, “SQL Injection Attacks and Defense Mechanisms” Published in International Research Journal of Innovations in Engineering and Technology - IRJIET, Volume 7, Issue 2, pp 101-106, February 2023. Article DOI https://doi.org/10.47001/IRJIET/2023.702016

Licence Copyright (c) 2026 International Research Journal of Innovations in Engineering and Technology creative common licence This work is licensed under Creative common Attribution Non Commercial 4.0 Internation Licence
References
  1. Igor Tasevski and Kire Jakimoski, “Overview of SQl Defense Mechanisms,” Serbia, Belgrade, November 24-25, 2020.
  2. Angshuman Jana, Priyam Bordoloi and Dipendu Maity, “Input-Based Analysis Approach to prevent SQL injection Attacks”, 5-7 June 2020, Dhaka, Bangladesh.
  3. Tao Zhang and Xi Guo, “Research on SQL Injection vulnerabilities and it’s Detection Methods”, 2020 4th Annual Conference on Data Science and Business Analytics (ICDSBA).
  4. Chen Ping, Wang Jinshuang, Yang Lanjuan and Pan Lin, “SQL Injection Teaching Based on SQLi-labs”, 2020 IEEE 3rd International Conference on Information Systems and Computer Aided Education (ICISCAE).
  5. Hanan Alsobhi, Reen Alshareef, “SQL Injection Countermeasures Methods”, 2020 International Conference on Computing and Information Technology, University of Tabuk, Kingdom of Saudi Arabia.
  6. Li Qian, Zhenyuan Zhu, Jun Hu, Shuying Liu, “Research on SQL Injection Attack and Prevention Technology”, 2015 International Conference on Estimation, Detection and Information Fusion (ICEDIF 2015).
  7. Zain Marashdeh, Khaled Suwais, Mohammad Alia, “A Survey on SQL Injection Attack: Detection and Challenges”, 2021 International Conference on Information Technology (ICIT).
  8. Atefeh Tajpour, Mohammad JorJor zade Shooshtari, “Evaluation of SQL Injection Detection and Prevention Techniques”, 2010 Second International Conference on Computational Intelligence, Communication Systems and Networks.
  9. Atefeh Tajpour, Maslin Massrum, Mohammad Zaman Heydari, “Comparison of SQL Injection Detection and Prevention Techniques”, 201O 2nd International Conference on Education Technology and Computer (ICETC).
  10. Srdjan Zivanic, Stefan Ruvceski, Ilija Basicevic, “Network security education: SQL injection attacks”.
  11. Aditya Rai, MD. Mazharul Islam Miraz, Deshbandhu Das, Harpreet Kaur, Swati, “SQL Injection: Classification and Prevention”, 2021 2nd International Conference on Intelligent Engineering and Management (ICIEM).
  12. Kotomi Kuroki∗, Yo Kanemoto∗, Kazufumi Aoki∗, Yasuhiro Noguchi†, Masakatsu Nishigaki†, “Attack Intention Estimation Based on Syntax Analysis and Dynamic Analysis for SQL Injection”, 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC).
  13. Himanshu Gupta, Subhash Mondal, Srayan Ray, Biswajit Giri, Rana Majumdar, Ved P Mishra, “Impact of SQL Injection in Database Security”, 2019 International Conference on Computational Intelligence and Knowledge Economy (ICCIKE) December 11–12, 2019, Amity University Dubai, UAE.

Copyright @ 2026 IRJIET. All Right Reserved.

Licensed underCreative Commons Attribution 4.0 International License.