SQL Database for Vulnerability Analysis in Web Services

SQL Database for Vulnerability Analysis in Web Services

연구 분야: Databases

학회: 2024 14th International Conference on Dependable Systems, Services and Technologies (DESSERT)

Vulnerabilities in web services have become increasingly common as most individuals and organizations have applications or websites where personal or banking information is stored in databases, making them prime targets for cybercriminals. This review aims to analyze and identify tools and strategies to address web service vulnerabilities involving SQL databases, with a primary focus on SQL injection attacks. A total of 570 documents related to the topic were reviewed from SCOPUS and IEEE, with 33 studies selected based on predetermined criteria, following the PICO and PRISMA methodologies. The results indicate that data collection provided a better perspective on recommended tools and strategies to improve web service security. The conclusion highlights that input validation and parameterized queries are essential strategies for securing web services, as they significantly reduce the possibility of attacks. Additionally, external tools like scanners, which show 98% accuracy, and machine learning software, which provides 97% accuracy, are also recommended for enhancing web service security. These strategies are particularly important in e-commerce services, which are highly vulnerable to cyberattacks due to the large volume of sensitive data, including payment and personal information.