Taxonomy of SQL Injection: ML Trends & Open Challenges
SQL injections are a significant and ever-present threat to web applications and database security. During these attacks, malicious SQL statements are injected into input fields of data-driven systems, leading to unauthorized access and data breaches. Consequently, a need is generated to understand...
| Main Authors: | , , , |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English English |
| Published: |
IEEE
2023
|
| Subjects: | |
| Online Access: | http://umpir.ump.edu.my/id/eprint/38717/ http://umpir.ump.edu.my/id/eprint/38717/1/Taxonomy_of_SQL_Injection_ML_Trends_amp_Open_Challenges.pdf http://umpir.ump.edu.my/id/eprint/38717/2/Taxonomy%20of%20SQL%20Injection.pdf |
| _version_ | 1848825579749507072 |
|---|---|
| author | Abobakr Busaeed, Raed Abdullah Wan Isni Sofiah, Wan Din Waseem, Quadri Azlee, Zabidi |
| author_facet | Abobakr Busaeed, Raed Abdullah Wan Isni Sofiah, Wan Din Waseem, Quadri Azlee, Zabidi |
| author_sort | Abobakr Busaeed, Raed Abdullah |
| building | UMP Institutional Repository |
| collection | Online Access |
| description | SQL injections are a significant and ever-present threat to web applications and database security. During these attacks, malicious SQL statements are injected into input fields of data-driven systems, leading to unauthorized access and data breaches. Consequently, a need is generated to understand the nature of the attacks, detection, and effective prevention techniques. This research paper focuses on providing a taxonomy and comprehensive survey of SQL injection attacks, detection, and prevention, including their various types and techniques. Additionally, it explores the current state-of-the-art and evaluation for attacks, detection, and prevention techniques. This research paper also discusses and provides a taxonomy of current machine learning (ML) trends (Taxonomy) and their open challenges for detection purposes. Finally, this paper ends with a discussion aiming to equip system administrators, researchers, scientists and practitioners with the knowledge and strategies to mitigate the risks associated with SQL injection attacks effectively. Eventually, this will help to enhance the security and resilience of web applications and databases in the face of this significant threat. |
| first_indexed | 2025-11-15T03:31:10Z |
| format | Conference or Workshop Item |
| id | ump-38717 |
| institution | Universiti Malaysia Pahang |
| institution_category | Local University |
| language | English English |
| last_indexed | 2025-11-15T03:31:10Z |
| publishDate | 2023 |
| publisher | IEEE |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | ump-387172023-09-29T13:35:38Z http://umpir.ump.edu.my/id/eprint/38717/ Taxonomy of SQL Injection: ML Trends & Open Challenges Abobakr Busaeed, Raed Abdullah Wan Isni Sofiah, Wan Din Waseem, Quadri Azlee, Zabidi QA75 Electronic computers. Computer science T Technology (General) SQL injections are a significant and ever-present threat to web applications and database security. During these attacks, malicious SQL statements are injected into input fields of data-driven systems, leading to unauthorized access and data breaches. Consequently, a need is generated to understand the nature of the attacks, detection, and effective prevention techniques. This research paper focuses on providing a taxonomy and comprehensive survey of SQL injection attacks, detection, and prevention, including their various types and techniques. Additionally, it explores the current state-of-the-art and evaluation for attacks, detection, and prevention techniques. This research paper also discusses and provides a taxonomy of current machine learning (ML) trends (Taxonomy) and their open challenges for detection purposes. Finally, this paper ends with a discussion aiming to equip system administrators, researchers, scientists and practitioners with the knowledge and strategies to mitigate the risks associated with SQL injection attacks effectively. Eventually, this will help to enhance the security and resilience of web applications and databases in the face of this significant threat. IEEE 2023 Conference or Workshop Item PeerReviewed pdf en http://umpir.ump.edu.my/id/eprint/38717/1/Taxonomy_of_SQL_Injection_ML_Trends_amp_Open_Challenges.pdf pdf en http://umpir.ump.edu.my/id/eprint/38717/2/Taxonomy%20of%20SQL%20Injection.pdf Abobakr Busaeed, Raed Abdullah and Wan Isni Sofiah, Wan Din and Waseem, Quadri and Azlee, Zabidi (2023) Taxonomy of SQL Injection: ML Trends & Open Challenges. In: 2023 IEEE 8th International Conference On Software Engineering and Computer Systems (ICSECS) , 25-27 August 2023 , Penang, Malaysia. pp. 382-387.. ISBN 979-8-3503-1094-8 (Published) https://doi.org/10.1109/ICSECS58457.2023.10256276 |
| spellingShingle | QA75 Electronic computers. Computer science T Technology (General) Abobakr Busaeed, Raed Abdullah Wan Isni Sofiah, Wan Din Waseem, Quadri Azlee, Zabidi Taxonomy of SQL Injection: ML Trends & Open Challenges |
| title | Taxonomy of SQL Injection: ML Trends & Open Challenges |
| title_full | Taxonomy of SQL Injection: ML Trends & Open Challenges |
| title_fullStr | Taxonomy of SQL Injection: ML Trends & Open Challenges |
| title_full_unstemmed | Taxonomy of SQL Injection: ML Trends & Open Challenges |
| title_short | Taxonomy of SQL Injection: ML Trends & Open Challenges |
| title_sort | taxonomy of sql injection: ml trends & open challenges |
| topic | QA75 Electronic computers. Computer science T Technology (General) |
| url | http://umpir.ump.edu.my/id/eprint/38717/ http://umpir.ump.edu.my/id/eprint/38717/ http://umpir.ump.edu.my/id/eprint/38717/1/Taxonomy_of_SQL_Injection_ML_Trends_amp_Open_Challenges.pdf http://umpir.ump.edu.my/id/eprint/38717/2/Taxonomy%20of%20SQL%20Injection.pdf |