SQL injection attacks - a systematic review

Abstract

In today's era, each and every person is utilising websites and so many different web applications for online administrations, for example: booking of railway tickets, movie ticketing, shopping, communication and so forth. These websites consists sensitive and confidential information. With the linearity of web applications in the last decade, the unconstructive crash of security has also matured either. SQL injection attack is one such attack where the anonymous user can append SQL code to input query. This research paper starts with developing criteria for systematic literature review based on research questions, quality assessment and data samples. The paper presents various SQL injection techniques with their intended attacks. Further studies explore different techniques to prevent attacks. Tabular representation of quality evaluation criteria was presented with grades. Lastly, different research questions and solutions were provided related to SQL injection attacks.