School of Business
SQL, SQL Injection, Cybersecurity, Cyberattacks
Databases and Information Systems | Information Security
Pechin, Andrew, "An Analysis of Successful SQLIA for Future Evolutionary Prediction" (2023). Senior Honors Theses. 1272.
Web applications are a fundamental component of the internet, many interact with backend databases. Securing web applications and their databases from hackers should be a top priority for cybersecurity researchers. Structured Query Language (SQL) injection attacks (SQLIA) constitute a significant threat to web applications. They can hijack the backend databases to steal personally identifiable information (PII), initiate scams, or launch more sophisticated cyberattacks. SQLIA has evolved since its conception in the early 2000s and will continue to do so in the coming years. This paper analyzes past literature and successful SQLIA from specific time periods to identify themes and methods used by security researchers and hackers. By extrapolating and interpreting the themes of both literature and effective SQLIA, trends can be identified, and a clearer understanding of the future of SQL injection can be defined to improve cybersecurity best practices.