Kazmi, Muhammad Ali Naqi (2019) SQL injection detection and exploitation framework for penetration testing. Doctoral thesis, London Metropolitan University.
|
Text
Kazmi-Muhammad_Final-Thesis.pdf - Published Version Download (6MB) | Preview |
Abstract / Description
SQL injection is one of the complex and threatening attack used against SQL database servers and web applications. Attackers use SQL injection to get unauthorized access and perform unauthorized data modification. To mitigate the devastating problem of SQL injection attack, there are many existing tools and methods for detection and prevention. Due to the rapid SQL injection growth in recent years, the SQL injection security approaches have been experiencing a paradigm shift from the strenuous manual analysis, signature-based approach to a data-driven, machine learning-based dynamic approach.
This research has provided a comprehensive analysis of SQL injection and literature review of the existing SQL injection security methods. The thesis presents a novel semi-automated SQL injection detection and exploitation (IDE) solution using constructive method by combining machine learning and advance Python computation.
Item Type: | Thesis (Doctoral) |
---|---|
Uncontrolled Keywords: | SQL injection; SQL database servers and web applications; SQL injection detection and exploitation (IDE); computer security; access control (computers); Python (Computer program language) |
Subjects: | 000 Computer science, information & general works |
Department: | School of Computing and Digital Media |
Depositing User: | Mary Burslem |
Date Deposited: | 31 Mar 2022 14:05 |
Last Modified: | 31 Mar 2022 14:05 |
URI: | https://repository.londonmet.ac.uk/id/eprint/7345 |
Downloads
Downloads per month over past year
Downloads each year
Actions (login required)
![]() |
View Item |