IITM Journal of management and IT
  • Year: 2014
  • Volume: 5
  • Issue: 1

Analysis of SQL Injection Attack

  • Author:
  • Jasvinder Singh
  • Total Page Count: 8
  • Page Number: 48 to 55

IITM, GGSIPU

Online published on 27 July, 2015.

Abstract

These days almost all information is online. To store such information one needs huge databases. Over a past few years a new type of cyber security threat has come into existence namely Structured Query Language (SQL) injection attack. The same can be launched by means of web browsers. Typical uses of SQL injection leak confidential information from a database, by-pass authentication logic, or add unauthorized accounts to a database. The severity of this attack can be judged from the fact that in seconds of its inception all critical information is routed to malicious user, thus causing a tremendous amount of loss in terms of authentication, data integration and privacy. As a result, the system could bear heavy loss in giving proper services to its users or it may face complete destruction. Sometimes such type of collapse of a system can threaten the existence of a company or a bank or an industry.

Keywords

Structured Query Language Injection Attack (SQLIA), Java Database Connectivity (JDBC), Preprocessor Hypertext (PHP), Intrusion Detection System (IDS), Security Policy Descriptor Language (SPDL)