logo

Different Techniques used to deploy SQLi attacks as a way of exploiting the database and the website vulnerabilities

18 Pages5031 Words291 Views
   

Added on  2023-06-12

About This Document

This research paper analyses the different types of vulnerabilities and SQL attacks which can retrieve and manipulate the information of the records stored in the database. It also covers the countermeasures which should be taken to resolve the issues of SQLI.

Different Techniques used to deploy SQLi attacks as a way of exploiting the database and the website vulnerabilities

   Added on 2023-06-12

ShareRelated Documents
SQL Injection: Database
Security
Different Techniques used to deploy SQLi attacks as a way of exploiting the database and the website vulnerabilities_1
Contents
I. Introduction......................................................................................................................................2
Problem Statement...............................................................................................................................3
Research Aim.......................................................................................................................................3
Research Objectives.............................................................................................................................3
Research Questions..............................................................................................................................4
II. Understanding types of SQL injection.............................................................................................4
Key Concepts.......................................................................................................................................4
Classification of SQLI on the basis of Intent:......................................................................................4
Classification of SQL on the basis of type:.........................................................................................5
Consequences of the SQL query injection...........................................................................................7
III. Literature Review:.......................................................................................................................7
IV. SQLIA Countermeasures.............................................................................................................9
V. Prevention Procedures from SQL injection...................................................................................11
VI. Evaluation..................................................................................................................................11
VII. Proposed Approach....................................................................................................................12
Algorithm for Hash Value.................................................................................................................12
VIII. Conclusion.................................................................................................................................14
IX. References:.................................................................................................................................15
Different Techniques used to deploy SQLi attacks as a way of exploiting the database and the website vulnerabilities_2
Title: Different Techniques used to deploy SQLi attacks as a way of exploiting the database
and the website vulnerabilities
I. Introduction
The SQL injection is the programming code which is used for exploiting the database by
making use of web hacking technologies. The SQL statement is get incorporated with the
malicious code which is given as input to exploit the functionality of the database. The
functionality of the database server can be controlled by the SQL injection. The
vulnerabilities and the malicious code which get associated with the SQL query is used for
changing the operational programming of the database to get accurate information. The
attacker can retrieve the text and the information from the database by getting bypassing
through the authentication and authorization technique of the web by making use of SQL
injection technique (Tajpour, Ibrahim, and Masrom, 2011). The integrity of the database can
be gets affected through the SQLI because it is capable of doing modification and deletion of
the tuples from the RDBMS. The confidential information of the personal get hacked through
the unauthenticated accessing of the records which contains information relevant to secrets of
the business, confidential information of the customers, bank details, CVC number,
password, and others. The SQL injection malicious code can be identified during the time of
compilation. It helps in analysing the malicious code at the byte code level of SQL program.
The algorithm based on automation prepared statement is used for removing the malicious
code which is added to the SQL statement. The payload is added in the SQL query for
developing SQLI for the attack on the database. In this paper, we are looking forward to
research on the different types of vulnerabilities and SQL attacks which can retrieve and
manipulate the information of the records stored in the database. We will also undertake the
research study on the countermeasures which should be taken to resolve the issues of SQLI.
The following figure shows the example of the SQL injection on the database. It can be
predicted from the figure below that the malicious code get inserted by the hacker through the
SQL statement for manipulating the information stored in the database.
Different Techniques used to deploy SQLi attacks as a way of exploiting the database and the website vulnerabilities_3
(Source: Qian, Zhu, Hu, and Liu, 2015). Research of SQL injection attack and prevention technology. 1st ed.)
Problem Statement
SQLI is the hacking technology which is used for retrieving the information from the
database. The malicious code and vulnerabilities are sent by the attacker in the SQL
statement which exploits and manipulate the information of the database. The accuracy and
integrity of the data stored in the database can be exploited with the SQLI query posted on
the database. The consequences of the SQL injection on the databases are problem of
authorization, authentication, and loss of confidentiality and integrity of the data stored in the
database.
Research Aim
The aim of the research study is to analyse the research on the different types of
vulnerabilities and SQL attacks which can retrieve and manipulate the information of the
records stored in the database. We will also undertake the research study on the
countermeasures which should be taken to resolve the issues of SQLI.
Research Objectives
The objective of the research is to find out:
Type of SQL injection
Prevention techniques from the SQL injection
Different Techniques used to deploy SQLi attacks as a way of exploiting the database and the website vulnerabilities_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Ways of Attacking a Web Application in PHP: SQL Injection, XSS, Session Hijacking, Directory Traversal, and Remote File Inclusion
|9
|1493
|176

Information Security Awareness Assignment PDF
|7
|1466
|95

COIT20262 - Advanced Network Security
|12
|1899
|262

Understanding SQL Injection, Insider Attacks, and Malware Threats for Enhanced Cybersecurity
|7
|2711
|157

Cyber Security: Vulnerabilities, Exploitation, and Security Controls
|10
|2384
|453

Ethical Hacking & Countermeasures Report 2022
|25
|3747
|46