Investigation framework of web applications vulnerabilities, attacks and protection techniques in structured query language injection attacks Online publication date: Wed, 11-Apr-2018
by Nabeel Salih Ali
International Journal of Wireless and Mobile Computing (IJWMC), Vol. 14, No. 2, 2018
Abstract: Web security has become a great challenge in recent years. Structured Query Language Injection Attack (SQLIA) is a prevalent and dominant class of the serious web application attacks. A crafter can easily get illegal access to the underlying database in the web application thereby gaining full control of the system and causing millions of dollars loss for corporations. In this paper, we provide a comprehensive study of web applications and investigate their vulnerabilities, attacks, and protection techniques against SQLIA Attacks. The study includes presenting a taxonomy of the SQLIAs investigation framework, conducts a detailed review of the various previous SQLI attacks protection techniques, as well as a summary and analysis of a critical review (strengths and weaknesses) of the detection and prevention techniques that have been done to address such attacks. Finally, it highlights and focuses on the critical and important directions or protection approaches that require more studies by future researchers.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Wireless and Mobile Computing (IJWMC):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com