SQL Injection-Database Attack Revolution and Prevention

• Published in: Applied Mechanics and Materials Vol. 740; no. Mechanical, Information and Industrial Engineering; pp. 810 - 814
• Main Author: Yang, Zheng Xiao
• Format: Journal Article
• Language: English
• Published: Zurich Trans Tech Publications Ltd 01.03.2015
• Subjects: Brain; Computer information security; Explosions; Information systems; Networks; Passwords; Query languages
• ISBN: 3038354104; 9783038354109
• ISSN: 1662-7482; 1660-9336; 1662-7482
• DOI: 10.4028/www.scientific.net/AMM.740.810

SQL injection came with a bang and caused revolution in database attacking. Inrecent years, with the explosion in web-based commerce and information systems, databases havebeen drawing ever closer to the network and it is critical part of network security. This paper is incorporated with our research and firsthand experience in hacking the database by SQL injection. Database is the Storage Brain of a website. A hacked database is the source for Passwords and juicy information like credit card number, bank account number and every important thing that are forbidden. Importance should be given for preventing database exploitation by SQL injection. The aim of this paper is to create awareness among web developers or database administrators about the urgent need for database security. Our ultimate objective is to totally eradicate the whole concept of SQL injection and to avoid this technique becoming a plaything in hands of exploiters.