Abstract
SQL Injection Attack (SQLIAs) is a web application attack that has been known for almost two decades, and that has been among the biggest cyber threats especially because most of the world’s population interacts with web apps in one way or the other. Over the years many methods have been developed to identify and deter SQLIAs, thereby reducing the risk on web applications. Four various methods used to identify and stop SQLIAs are reviewed, compared and critically evaluated in this paper, these include tokenization and lexicon detection process, combined static and dynamic method, novel, and search-based methods. This work further reveals the gap in current knowledge, specifically, increased efficiency can be achieved by integrating two of the most effective approaches. Furthermore, a real-world application of these methods is presented and finally, recommendations are made for further study.
Publisher
Federal University Dutsin-Ma