Title: SQL injection attacks - a systematic review

Authors: Kirti Sharma; Shobha Bhatt

Addresses: Ambedkar Institute of Advanced Communication Technologies and Research (AIACTR), Delhi, India; Computer Science and Engineering Department, Ambedkar Institute of Advanced Communication Technologies and Research (AIACTR), Delhi, India

Abstract: In today's era, each and every person is utilising websites and many different web applications for online administrations, for example: booking of railway tickets, movie ticketing, shopping, communication and so forth. These websites contain sensitive and confidential information. With the linearity of web applications in the last decade, the unconstructive crash of security has also matured. An SQL injection attack is one such attack, where the anonymous user can append SQL code to an input query. This research paper starts by developing criteria for a systematic literature review based on research questions, quality assessment and data samples. The paper presents various SQL injection techniques with their intended attacks. Further studies explore different techniques to prevent attacks. A tabular representation of quality evaluation criteria is presented with grades. Lastly, different research questions and solutions are provided related to SQL injection attacks.

Keywords: SQL injection attack; systematic literature review; prevention.

DOI: 10.1504/IJICS.2019.101937

International Journal of Information and Computer Security, 2019 Vol.11 No.4/5, pp.493 - 509

Received: 06 Oct 2017
Accepted: 21 Aug 2018

Published online: 30 Aug 2019
