SQL Injection Essay

Published: 2021-07-06 06:35:22
essay essay

Category: Computer Sciences

Type of paper: Essay

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Hey! We can write a custom essay for you.

All possible types of assignments. Written by academics

Amidst the research and engineering in security, database security remains an issue. The hacking process is wireless and is involves codes that the security systems use to protect the databases.Structure Query Language (SQL) is the program that runs databases. The coded information is standardized globally, although there exists different types of SQL programs. Hackers utilize different hacking tools to login in on the databases. Hackers hack in the databases by changing “the intended effect of an SQL query by inserting new SQL keywords or operators in the query,” (Halfond, Viegas, & Orso, 2006, p. 1). The introduced query is recognized by the security features but works to alter the security system such as the change of administrator password.Entry of these malicious codes is done through; cookies, hypertext transfer protocol (http) header, or second-order injections. The process of injection is (Halfond, Viegas, & Orso, 2006, p. 2);Injection through caches- cache refers to the information stored on user’s device. Malicious hackers’ alter the information stored so that when the user revisits a website, the code stored in cache is downloaded and alters the database according to the hackers’ preference.Injection through HTTP- communication between a client and a database is through the HTTP header which conveys the request and feedback instructions. Hackers alter the information in the header, so that when a database downloads the information, the code performs the hacker’s prompt.Second-order injection- the attacker inputs the code in the login and other areas. The code manifests itself in another area apart from the point of injection.Detection and prevention of the attacks is difficult because the programming codes are similar to the attackers’ codes (Halfond, Viegas, & Orso, 2006, p. 5). This relates with the recent hacking of Facebook databases. The attackers were undetected because the scanning techniques cannot detect these codes because they are similar to the engineering codes.ReferenceHalfond, W. G., Viegas, J., & Orso, A. (2006). A Classification of SQL Injection Attacks. Proceedings of the IEEE International Symposium on Secure Software Engineering, 1, 1-11. Retrieved from https://www.cc.gatech.edu/fac/Alex.Orso/papers/halfond.viegas.orso.ISSSE06.pdf

Warning! This essay is not original. Get 100% unique essay within 45 seconds!


We can write your paper just for 11.99$

i want to copy...

This essay has been submitted by a student and contain not unique content

People also read