Abstract: Securing the web application against hacking is a big challenge. One of the most common types of hacking technique to attack the web application is SQL Injection Attack (SQLIA). In resulting of this attack an attacker can access, modify and even destroy the database of a web application. SQL injection is occurring when data provided by user is not properly validates and is included directly in a SQL query. The analysis of detection and prevention of SQLIA help to avoid this type of attack. Researchers describe a technique to detect and prevent this kind of manipulation and hence eliminate SQL injection attack. The existing solution to SQL injection requires source code modification and increases the possibilities of new injection points. In this study, researchers propose static and dynamic analysis to detect the SQL injection attack and we propose decision tree classification to prevent them.
V. Nithya, S. Lakshmana Pandian and R. Regan, 2013. The SQL Injection Attack Detection and Prevention by Classification and Analysis. Asian Journal of Information Technology, 12: 131-139.