General Information
    • ISSN: 1793-8201 (Print), 2972-4511 (Online)
    • Abbreviated Title: Int. J. Comput. Theory Eng.
    • Frequency: Quarterly
    • DOI: 10.7763/IJCTE
    • Editor-in-Chief: Prof. Mehmet Sahinoglu
    • Associate Editor-in-Chief: Assoc. Prof. Alberto Arteta, Assoc. Prof. Engin Maşazade
    • Managing Editor: Ms. Cecilia Xie
    • Abstracting/Indexing: Scopus (Since 2022), INSPEC (IET), CNKI,  Google Scholar, EBSCO, etc.
    • Average Days from Submission to Acceptance: 192 days
    • APC: 800 USD
    • E-mail: editor@ijcte.org
    • Journal Metrics:
    • SCImago Journal & Country Rank
Article Metrics in Dimensions

IJCTE 2017 Vol.9(5): 351-356 ISSN: 1793-8201
DOI: 10.7763/IJCTE.2017.V9.1165

SQL Injection Attacks Detection & Prevention Techniques

Gülsüm Yiğit and Merve Arnavutoğlu

Abstract—Abstract—SQL Injection Attack (SQLIA) is a type of code injection technique that threatens confidentiality, integrity, and availability of web databases. The attacker mostly exploits incorrectly filtered user inputs such as text fields in web applications and tries to insert malicious SQL statements into a legitimate query via the vulnerable user input. By doing so, the attacker can access, insert, modify, or delete critical information in a database without proper authorization. In this survey, we describe and categorize types of SQLIA, and analyze existing detection and prevention techniques against such attacks.

Index Terms—Index Terms—SQL injection, attacks, cyber security.

Gülsüm Yiğit and Merve Arnavutoglu are with the Electronics and Computer Engineering Department, University of Gaziantep, Turkey (e-mail: gulsmyigit@gmail.com, merve.arnavutoglu@gmail.com).

[PDF]

Cite:Gülsüm Yiğit and Merve Arnavutoğlu, "SQL Injection Attacks Detection & Prevention Techniques," International Journal of Computer Theory and Engineering vol. 9, no. 5, pp. 351-356, 2017.


Copyright © 2008-2025. International Association of Computer Science and Information Technology. All rights reserved.