An Analysis of Successful SQLIA for Future Evolutionary Prediction

Author(s)

Andrew Pechin, Liberty UniversityFollow

Publication Date

Spring 4-2023

School

School of Business

Major

Computer Science

Keywords

SQL, SQL Injection, Cybersecurity, Cyberattacks

Disciplines

Databases and Information Systems | Information Security

Recommended Citation

Pechin, Andrew, "An Analysis of Successful SQLIA for Future Evolutionary Prediction" (2023). Senior Honors Theses. 1272.
https://digitalcommons.liberty.edu/honors/1272

Abstract

Web applications are a fundamental component of the internet, many interact with backend databases. Securing web applications and their databases from hackers should be a top priority for cybersecurity researchers. Structured Query Language (SQL) injection attacks (SQLIA) constitute a significant threat to web applications. They can hijack the backend databases to steal personally identifiable information (PII), initiate scams, or launch more sophisticated cyberattacks. SQLIA has evolved since its conception in the early 2000s and will continue to do so in the coming years. This paper analyzes past literature and successful SQLIA from specific time periods to identify themes and methods used by security researchers and hackers. By extrapolating and interpreting the themes of both literature and effective SQLIA, trends can be identified, and a clearer understanding of the future of SQL injection can be defined to improve cybersecurity best practices.