Lists
Lists
Kazmi, Muhammad Ali Naqi (2019) SQL injection detection and exploitation framework for penetration testing. Doctoral thesis, London Metropolitan University.
SQL injection is one of the complex and threatening attack used against SQL database servers and web applications. Attackers use SQL injection to get unauthorized access and perform unauthorized data modification. To mitigate the devastating problem of SQL injection attack, there are many existing tools and methods for detection and prevention. Due to the rapid SQL injection growth in recent years, the SQL injection security approaches have been experiencing a paradigm shift from the strenuous manual analysis, signature-based approach to a data-driven, machine learning-based dynamic approach.
This research has provided a comprehensive analysis of SQL injection and literature review of the existing SQL injection security methods. The thesis presents a novel semi-automated SQL injection detection and exploitation (IDE) solution using constructive method by combining machine learning and advance Python computation.
 |
View Item |