Survey and Comparative Analysis of SQL Injection Attacks, Detection and Prevention Techniques for Web Applications Security

Web applications witnessed a rapid growth for online business and transactions are expected to be secure, efficient and reliable to the users against any form of injection attacks. SQL injection is one of the most common application layer attack techniques used today by hackers to steal data from organizations. It is a technique that exploits a security vulnerability occurring in the database layer of a web application. The attack takes advantage of poor input validation in code and website administration. It allows attackers to obtain illegitimate access to the backend database to change the intended application generated SQL queries. . In spite of the development of different approaches to prevent SQL injection, it still remains a frightening risk to web applications. In this paper, we present a detailed review on various types of SQL injection attacks, detection and prevention techniques, and their comparative analysis based on the performance and practicality. KeywordsSQL injection attacks, prevention, detection, vulnerabilities. __________________________________________________*****_________________________________________________