Security Analysis of SQL Injection Attacks on Multimedia and Journal-Services Sites Using Concatenated Input Validation and Parsing Method (CIVP)

Wijaya, Marvin Chandra (2024) Security Analysis of SQL Injection Attacks on Multimedia and Journal-Services Sites Using Concatenated Input Validation and Parsing Method (CIVP). Ingénierie des Systèmes d’Information, 29 (5). pp. 1915-1924. ISSN 2116-7125

	Text 3. Security Analysis of SQL Injection Attacks.pdf Download (1928Kb)
	Text 3. Korespondensi Security Analysis of SQL Injection Attacks.pdf Download (1752Kb)
	Text 3. Turnitin - Security Analysis of SQL Injection Attacks.pdf Download (3475Kb)

Abstract

Web applications and databases continue to face grave danger from SQL injection attacks, which can result in unauthorized access, data modification, and system compromise. This report discusses the methods attackers use to exploit SQL injection vulnerabilities and emphasizes the dangers of successful attacks, such as data leaks and system compromise. This research proposes a comprehensive system for detecting SQL injection attacks using concatenated Input Validation and Parsing Method (CIVP). The site used as experimental material is the Multimedia and Journal Services Site. Based on the results of forensic analysis on the Journal Services Site, there were several attacks in cyberspace, including using SQLMAP and Python. The system created has successfully detected SQL injection attacks. Based on the test results, it was found that the use of the method proposed in this study succeeded in making processing time 15.2% more efficient. Experiments carried out with the method proposed in this study succeeded in increasing the attack detection accuracy from 96-97% to 99.5% with a p-value of 0.008446.

Item Type:

Article

Contributors: