Academic paper

An Analysis of AI-based SQL Injection (SQLi) Attack Detection
Document Type
Conference
Source
2023 Second International Conference on Augmented Intelligence and Sustainable Systems (ICAISS). :31-35 Aug, 2023
Subject
Communication, Networking and Broadcast Technologies
Components, Circuits, Devices and Systems
Computing and Processing
Robotics and Control Systems
Analytical models
Structured Query Language
Privacy
Machine learning algorithms
Databases
Web pages
SQL injection
Structured Query Language (SQL)
SQL Injection (SQLi) attacks
Deep Learning (DL)
Machine Learning (ML) and Open Web Application Security Project (OWASP)
Language
Abstract
The SQL injection attack is a highly perilous vulnerability in the digital realm, especially for web pages, as recognized by the Open Web Application Security Project (OWASP) ranking. It is a type of code injection attack. This kind of attack basically breaches the virtual portion of the databases. Many web applications accept and store the user's private information (e.g., login credentials, credit card and other account details) in the database over the internet. Detecting SQL injection attacks is a tough task for everyone because an attacker can deploy various new types of SQL injection day to day. There are many ways to create/detect SQLi attacks using open-source tools such as Netsparker, SQLMap, jSQL Injection, Burp Suite, BBQSQL, Nessus, etc. Researchers have therefore required innovative, never-before-seen mechanisms for detecting these types of attacks. Still, there is a lack of knowledge about input validation. Various authors have therefore decided to improve SQLi attack detection by using artificial intelligence mechanisms such as machine learning (ML) and deep learning (DL). Both ML and DL algorithms have solved many types of SQL injection attacks by using various classification or regression techniques. This study focuses on recent methodologies for detecting SQLi attacks, along with which mechanism provides better performance among the existing working models.