Get Latest Computer/IT Projects directly to your Email ID


A Taxonomy of SQL Injection Defense Techniques (Computer Project)

Context:
SQL injection attack (SQLIA) poses a serious defense threat to web applications by allowing attackers to gain unhindered access to theunderlying databases containing potentially sensitive information. A lot of methods and techniques have been proposed by different researchers and practitioners to mitigate SQL injection problem.

However, deploying those methods and techniques without a clear understanding can induce a false sense of security. Classification of such techniques would provide a great assistance to get rid of such false sense of security.

Objectives:
This paper is focused on classification of such techniques by building taxonomy of SQL injection defense techniques.

Methods:
Systematic literature review (SLR) is conducted using five reputed and familiar e-databases; IEEE, ACM, Engineering Village (Inspec/Compendex), ISI web of science and Scopus.

Results:
61 defense techniques are found and based on these techniques, a taxonomy of SQL injection defense techniques is built. Our taxonomy consists of various dimensions which can be grouped under two higher order terms; detection method and evaluation criteria.

Conclusion:
The taxonomy provides a basis for comparison among different defense techniques. Organization(s) can use our taxonomy to choose suitable owns depending on their available resources and environments. Moreover, this classification can lead towards a number of future research directions in the field of SQL injection.
Source: Blekinge Institute of Technology
Authors: Aryal, Dhiraj | Shakya, Anup

Download Project

Subscribe for Computer/IT Project Downloads (Free):

Enter your email address:  

Discuss this Project:

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>