
Research Article
Database Under Siege: The Hidden Menace of SQL Injection Attacks
@INPROCEEDINGS{10.1007/978-3-031-81171-5_15,
  author={Rajitha Ala and Attili Venkata Ramana and Vasantha Sandhya Venu and Kiranmai Bejjam and Sai Sriharsha Kanagala and Bheemeshwar Punyamurthy and Ruchitha Sangeam},
  title={Database Under Siege: The Hidden Menace of SQL Injection Attacks},
  proceedings={Broadband Communications, Networks, and Systems. 14th EAI International Conference, BROADNETS 2024, Hyderabad, India, February 16--17, 2024, Proceedings, Part II},
  proceedings_a={BROADNETS PART 2},
  year={2025},
  month={2},
  keywords={Vulnerability assessment Parameterized queries Intercept Repeater cookies},
  doi={10.1007/978-3-031-81171-5_15}
}
- Rajitha Ala
- Attili Venkata Ramana
- Vasantha Sandhya Venu
- Kiranmai Bejjam
- Sai Sriharsha Kanagala
- Bheemeshwar Punyamurthy
- Ruchitha Sangeam
Year: 2025
BROADNETS PART 2
Springer
DOI: 10.1007/978-3-031-81171-5_15
Abstract
The report begins by providing a detailed explanation of SQL injection attacks, illustrating how attackers exploit vulnerabilities in application code to inject malicious SQL queries. Attackers use various methods to bypass security and access data. In addition, the report delves into the underlying causes that make databases susceptible to SQL injection attacks, including poor input validation, lack of parameterized queries, and inadequate access controls. It highlights the importance of secure coding practices and ongoing vulnerability assessments as proactive measures to mitigate risk. To address this growing menace, the report explores a range of defense strategies and best practices. It discusses the implementation of robust input validation techniques, the utilization of parameterized queries, and the adoption of web application firewalls. Furthermore, it emphasizes the significance of educating developers, administrators, and users about SQL injection risks and the adoption of a security-first mindset.