Review of SQL injection attacks: Detection, to enhance the security of the website from client-side attacks

Document Type : Research Paper


1 Computer science Department, Informatics Institute for Postgraduate Studies, Iraq

2 University of Information Technology and Communications, Iraq


The importance of cyber-security in protecting data and information is huge in this era of technology. With the number of cyber-attacks increasing daily, the security system has been developing for several years because we have been concerned about predicting and preventing cyber-attacks. The top 10 security threats identified by the OWASP are injection attacks. The most common vulnerability is SQL injection and is the most dangerous security vulnerability due to the multiplicity of its types and the rapid changes that can be caused by SQL injection and may lead to financial loss, data leakage, and significant damage to the database and this causes the site to be paralyzed. Detecting SQL injections is still a difficult task. How to successfully defend against SQL injection attacks has become the focus and frontier of web security in recent years. Machine learning has proven successful against these threats and effectively prevents and detects cross-site scripting and SQL input in web applications. Machine learning is used to analyze and identify security vulnerabilities. It uses classic machine learning algorithms and deep learning to evaluate the classified model using input validation features.