SQL injection detection and exploitation framework for penetration testing

Kazmi, Muhammad Ali Naqi (2019) SQL injection detection and exploitation framework for penetration testing. Doctoral thesis, London Metropolitan University.

[img]
Preview
Text
Kazmi-Muhammad_Final-Thesis.pdf - Published Version

Download (6MB) | Preview

Abstract / Description

SQL injection is one of the complex and threatening attack used against SQL database servers and web applications. Attackers use SQL injection to get unauthorized access and perform unauthorized data modification. To mitigate the devastating problem of SQL injection attack, there are many existing tools and methods for detection and prevention. Due to the rapid SQL injection growth in recent years, the SQL injection security approaches have been experiencing a paradigm shift from the strenuous manual analysis, signature-based approach to a data-driven, machine learning-based dynamic approach.

This research has provided a comprehensive analysis of SQL injection and literature review of the existing SQL injection security methods. The thesis presents a novel semi-automated SQL injection detection and exploitation (IDE) solution using constructive method by combining machine learning and advance Python computation.

Item Type: Thesis (Doctoral)
Uncontrolled Keywords: SQL injection; SQL database servers and web applications; SQL injection detection and exploitation (IDE); computer security; access control (computers); Python (Computer program language)
Subjects: 000 Computer science, information & general works
Department: School of Computing and Digital Media
Depositing User: Mary Burslem
Date Deposited: 31 Mar 2022 14:05
Last Modified: 31 Mar 2022 14:05
URI: http://repository.londonmet.ac.uk/id/eprint/7345

Downloads

Downloads per month over past year



Downloads each year

Actions (login required)

View Item View Item