A Survey on Detection and Prevention of SQL Injection Attack

S. M. Chaware, Sujata S. Wakchaure

Abstract: Many software systems include a web-based component that makes them available to the public via the internet and can expose them to a variety of web-based attacks. One of these attacks is SQL injection which can give attackers unauthorised access to the databases. This paper presents an approach for protecting web applications against SQL injection. Pattern matching is a system that can be utilized to distinguish or recognize any abnormality parcel from a consecutive activity. This paper also presents a recognition and avoidance strategy for protecting SQL Injection Attack (SQLIA) utilizing Aho-Corasick pattern matching calculation Furthermore, it focuses on different mechanisms that can detect several SQL Injection attacks.

Keywords: SQL Injection attack, Pattern matching, Static pattern, Dynamic Pattern, Anomaly Score