Sql Injection Attacks : Detection Essay
The SQL commands consist of statements that, when executed, are going to interact with a system’s database. The paper SQL Injection Attacks: Detection in a Web Application Environment, published by DB Networks, gives a thorough explanation on how SQL injection is executed,
“SQL injection attacks are initiated by manipulating the data input on a Web form such that fragments of SQL instructions are passed to the Web application. The Web application then combines these rogue SQL fragments with the proper SQL dynamically generated by the application, thus creating valid SQL requests” (pg. 5).
The SQL injection can cause either severe damage to an organization if credentials were obtained. The unauthorized user can make dramatic changes to a database, such as modifying and deleting data, and can cause organizations a lot of time and money to repair.
In 2009, two of the National Aeronautics and Space Administration’s (NASA) websites were hacked through the use of SQL injection.…