{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,26]],"date-time":"2026-03-26T14:51:21Z","timestamp":1774536681241,"version":"3.50.1"},"publisher-location":"Singapore","reference-count":32,"publisher":"Springer Singapore","isbn-type":[{"value":"9789811680588","type":"print"},{"value":"9789811680595","type":"electronic"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-981-16-8059-5_35","type":"book-chapter","created":{"date-parts":[[2021,12,2]],"date-time":"2021-12-02T13:03:12Z","timestamp":1638450192000},"page":"568-585","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["SQL Injection Prevention in Web Application: A Review"],"prefix":"10.1007","author":[{"given":"Joanna Hazaline Binti","family":"Johny","sequence":"first","affiliation":[]},{"given":"Wafa Athilah Fikriah Binti","family":"Nordin","sequence":"additional","affiliation":[]},{"given":"Nurrina Mizana Binti","family":"Lahapi","sequence":"additional","affiliation":[]},{"given":"Yu-Beng","family":"Leau","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,1,1]]},"reference":[{"key":"35_CR1","first-page":"24","volume":"7","author":"C Sharma","year":"2017","unstructured":"Sharma, C., Jain, S.: SQL injection attacks on web applications. Int. J. Adv. Res. Comput. Sci. Softw. Eng. 7, 24\u201326 (2017)","journal-title":"Int. J. Adv. Res. Comput. Sci. Softw. Eng."},{"key":"35_CR2","doi-asserted-by":"crossref","unstructured":"Mukhtar, B., Azer, M.: Evaluating the modsecurity web application firewall against SQL injection attacks. In: 2020 15th International Conference on Computer Engineering and Systems (ICCES), pp. 2\u20137 (2020)","DOI":"10.1109\/ICCES51560.2020.9334626"},{"key":"35_CR3","first-page":"1121","volume":"21","author":"M Alenezi","year":"2020","unstructured":"Alenezi, M., Nadeem, M., Asif, R.: SQL injection attacks countermeasures assessments. Indon. J. Electr. Eng. Comput. Sci. 21, 1121\u20131131 (2020)","journal-title":"Indon. J. Electr. Eng. Comput. Sci."},{"key":"35_CR4","doi-asserted-by":"crossref","unstructured":"Qian, L., Zhu, Z., Hu, J., Liu, S.: Research of SQL Injection Attack and Prevention Technology. In: 2015 International Conference on Estimation, Detection and Information Fusion (ICEDIF), pp. 303\u2013306 (2015)","DOI":"10.1109\/ICEDIF.2015.7280212"},{"key":"35_CR5","first-page":"10","volume":"12","author":"M Horner","year":"2017","unstructured":"Horner, M., Hyslip, T.: SQL injection: the longest running sequel in programming history. J. Digit. Forensics Secur. Law 12, 10 (2017)","journal-title":"J. Digit. Forensics Secur. Law"},{"key":"35_CR6","doi-asserted-by":"crossref","unstructured":"Ma, L., Gao, Y., Zhao, D., Zhao, C.: Research on SQL injection attack and prevention technology based on web. In: 2019 International Conference on Computer Network, Electronic and Automation (ICCNEA), pp. 176\u2013179 (2019)","DOI":"10.1109\/ICCNEA.2019.00042"},{"key":"35_CR7","first-page":"5","volume":"6","author":"Z Alwan","year":"2017","unstructured":"Alwan, Z., Younis, M.: Detection and prevention of SQL injection attack: a survey. Int. J. Comput. Sci. Mob. Comput. 6, 5\u201317 (2017)","journal-title":"Int. J. Comput. Sci. Mob. Comput."},{"key":"35_CR8","doi-asserted-by":"crossref","unstructured":"Ping, C.: A second-order SQL injection detection method. In: Proceedings of 2017 IEEE 2nd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC), vol. 2018-January, pp. 1792\u20131796 (2018)","DOI":"10.1109\/ITNEC.2017.8285104"},{"key":"35_CR9","doi-asserted-by":"crossref","unstructured":"Edgescan Fullstack Vulnerability Management: 2020 Vulnerability Statistics Report. Eoin Keary (2020)","DOI":"10.1016\/S1353-4858(20)30027-1"},{"key":"35_CR10","unstructured":"Poulsen, K.: Guesswork Plagues Web Hole Reporting. https:\/\/www.securityfocus.com\/news\/346"},{"key":"35_CR11","unstructured":"Shezaf, O.: Russian hackers broke into a RI GOV website. https:\/\/web.archive.org\/web\/20110213051033\/http:\/\/www.xiom.com\/whid-2006-3"},{"key":"35_CR12","unstructured":"Ward, K.: Redmond channel partner online: hacker defaces Microsoft U.K. web page. https:\/\/web.archive.org\/web\/20071223181645\/http:\/\/rcpmag.com\/news\/article.aspx?editorialsid=8762"},{"key":"35_CR13","unstructured":"McDougall, P.: Anti-U.S. hackers infiltrate army servers \u2013 informationweek. https:\/\/www.informationweek.com\/architecture\/anti-us-hackers-infiltrate-army-servers\/d\/d-id\/1079964"},{"key":"35_CR14","unstructured":"Lemon, S.: Mass SQL injection attack hits Chinese websites. https:\/\/www.computerworld.com\/article\/2536020\/mass-sql-injection-attack-hits-chinese-web-sites.html"},{"key":"35_CR15","unstructured":"Danchev, D.: Kaspersky\u2019s Malaysian site hacked by Turkish hacker | ZDNet. https:\/\/www.zdnet.com\/article\/kasperskys-malaysian-site-hacked-by-turkish-hacker\/"},{"key":"35_CR16","unstructured":"BBC NEWS | Business | US man \u2018stole 130m card numbers\u2019. http:\/\/news.bbc.co.uk\/2\/hi\/americas\/8206305.stm"},{"key":"35_CR17","unstructured":"Yap, J.: 450,000 user passwords leaked in Yahoo breach | ZDNet. https:\/\/www.zdnet.com\/article\/450000-user-passwords-leaked-in-yahoo-breach\/"},{"key":"35_CR18","unstructured":"TalkTalk gets record \u00a3400,000 fine for failing to prevent October 2015 attack. https:\/\/web.archive.org\/web\/20161024090111\/https:\/\/ico.org.uk\/about-the-ico\/news-and-events\/news-and-blogs\/2016\/10\/talktalk-gets-record-400-000-fine-for-failing-to-prevent-october-2015-attack\/"},{"key":"35_CR19","unstructured":"Khandelwal, S.: Fortnite flaws allowed hackers to takeover gamers\u2019 accounts. https:\/\/thehackernews.com\/2019\/01\/fortnite-account-hacked.html."},{"key":"35_CR20","doi-asserted-by":"crossref","unstructured":"Hu, J., Zhao, W., Cui, Y.: A survey on SQL injection attacks, detection and prevention. In: CMLC 2020: 2020 12th International Conference on Machine Learning and Computing, pp. 483\u2013488. Association for Computing Machinery, New York (2020)","DOI":"10.1145\/3383972.3384028"},{"key":"35_CR21","first-page":"239","volume":"6","author":"T Pattewar","year":"2019","unstructured":"Pattewar, T., Patil, H., Patil, H., Patil, N., Taneja, M., Wadile, T.: Detection of SQL injection using machine learning: a survey. Int. Res. J. Eng. Technol. (IRJET) 6, 239\u2013246 (2019)","journal-title":"Int. Res. J. Eng. Technol. (IRJET)"},{"key":"35_CR22","first-page":"3543","volume":"7","author":"M Reddy","year":"2020","unstructured":"Reddy, M., Latchoumi, T., Balamurugan, K.: Applied machine learning predictive analytics to SQL injection attack detection and prevention. Eur. J. Mol. Clin. Med. 7, 3543\u20133553 (2020)","journal-title":"Eur. J. Mol. Clin. Med."},{"key":"35_CR23","first-page":"85","volume":"1","author":"F Hernawan","year":"2020","unstructured":"Hernawan, F., Hidayatulloh, I., Adam, I.: Hybrid method integrating SQL-IF and Na\u00efve Bayes for SQL injection attack avoidance. J. Eng. Appl. Technol. 1, 85\u201396 (2020)","journal-title":"J. Eng. Appl. Technol."},{"key":"35_CR24","first-page":"012055","volume":"1757","author":"D Chen","year":"2021","unstructured":"Chen, D., Yan, Q., Wu, C., Zhao, J.: SQL injection attack detection and prevention rechniques using deep learning. J. Phys: Conf. Ser. 1757, 012055 (2021)","journal-title":"J. Phys: Conf. Ser."},{"key":"35_CR25","doi-asserted-by":"crossref","unstructured":"Sonakshi, R.K., Gopal, G.: Prevention of SQL injection attacks using RC4 and blowfish encryption techniques. Int. J. Eng. Res. V5, 25\u201329 (2016)","DOI":"10.17577\/IJERTV5IS060092"},{"key":"35_CR26","first-page":"5","volume":"5","author":"M Sood","year":"2017","unstructured":"Sood, M., Singh, S.: SQL injection prevention technique using encryption. Int. J. Adv. Comput. Eng. Netw. 5, 5\u20138 (2017)","journal-title":"Int. J. Adv. Comput. Eng. Netw."},{"key":"35_CR27","first-page":"90","volume":"5","author":"K Sharma","year":"2018","unstructured":"Sharma, K., Bhatt, S.: Efficient method to prevent SQL injection attacks using password encryption. IAETSD J. Adv. Res. Appl. Sci. 5, 90\u201396 (2018)","journal-title":"IAETSD J. Adv. Res. Appl. Sci."},{"key":"35_CR28","doi-asserted-by":"publisher","first-page":"2876","DOI":"10.30534\/ijatcse\/2020\/60932020","volume":"9","author":"M Muttaqin","year":"2020","unstructured":"Muttaqin, M.: Implementation of AES-128 and token-base64 to prevent SQL injection attacks via HTTP. Int. J. Adv. Trends Comput. Sci. Eng. 9, 2876\u20132882 (2020)","journal-title":"Int. J. Adv. Trends Comput. Sci. Eng."},{"key":"35_CR29","first-page":"145","volume":"5","author":"P Javali","year":"2016","unstructured":"Javali, P., Chougule, S.V.: SQL injection detection and prevention using pattern matching algorithm. Int. J. Adv. Res. Comput. Commun. Eng. 5, 145\u2013147 (2016)","journal-title":"Int. J. Adv. Res. Comput. Commun. Eng."},{"key":"35_CR30","first-page":"194","volume":"2","author":"M Kashyape","year":"2017","unstructured":"Kashyape, M., Agrawal, A., Gahlod, S., Patil, S., Ranade, M., Wagh, P.: A hybrid approach for prevention of SQL injection attack using pattern matching Mitali. Int. Res. J. Adv. Eng. Sci. 2, 194\u2013197 (2017)","journal-title":"Int. Res. J. Adv. Eng. Sci."},{"issue":"1","key":"35_CR31","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s13635-020-00113-y","volume":"2020","author":"OC Abikoye","year":"2020","unstructured":"Abikoye, O.C., Abubakar, A., Dokoro, A.H., Akande, O.N., Kayode, A.A.: A novel technique to prevent SQL injection and cross-site scripting attacks using Knuth-Morris-Pratt string match algorithm. EURASIP J. Inf. Secur. 2020(1), 1\u201314 (2020). https:\/\/doi.org\/10.1186\/s13635-020-00113-y","journal-title":"EURASIP J. Inf. Secur."},{"key":"35_CR32","first-page":"252","volume":"27","author":"N Karthikeyan","year":"2021","unstructured":"Karthikeyan, N., Vivekanandan, R., et al.: A novel technique to detect and prevent SQL injection attacks using bitap string matching algorithm. High Technol. Lett. J. 27, 252\u2013264 (2021)","journal-title":"High Technol. Lett. J."}],"container-title":["Communications in Computer and Information Science","Advances in Cyber Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-16-8059-5_35","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,13]],"date-time":"2024-09-13T15:50:35Z","timestamp":1726242635000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-16-8059-5_35"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9789811680588","9789811680595"],"references-count":32,"URL":"https:\/\/doi.org\/10.1007\/978-981-16-8059-5_35","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"value":"1865-0929","type":"print"},{"value":"1865-0937","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"1 January 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ACeS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Advances in Cyber Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Penang","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Malaysia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 August 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 August 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"aces2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.aces.usm.my\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"92","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"36","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"39% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}