@ARTICLE{Singh_Jai_Puneet_Analysis_2016, author={Singh, Jai Puneet}, volume={vol. 28}, number={No 1-2}, journal={Theoretical and Applied Informatics}, pages={37-55}, howpublished={online}, year={2016}, publisher={Committee of Informatics of Polish Academy of Science}, publisher={Institute of Theoretical and Applied Informatics of Polish Academy of Science}, abstract={SQL Injection is one of the vulnerabilities in OWASP's Top Ten List forWeb Based Application Exploitation. These type of attacks take place on Dynamic Web applications as they interact with databases for various operations. Current Content Management System like Drupal, Joomla or Wordpress have all information stored in their databases. A single intrusion into these type of websites can lead to overall control of websites by an attacker. Researchers are aware of basic SQL Injection attacks, but there are numerous SQL Injection attacks which are yet to be prevented and detected. Over here, we present the extensive review for the Advanced SQL Injection attack such as Fast Flux SQL Injection, Compounded SQL Injection and Deep Blind SQL Injection. We also analyze the detection and prevention using the classical methods as well as modern approaches. We will be discussing the Comparative Evaluation for prevention of SQL Injection.}, type={Article}, title={Analysis of SQL Injection Detection Techniques}, URL={http://journals.pan.pl/Content/118533/PDF/singh_Analysis%20of%20SQL.pdf}, keywords={SQL Injection, runtime monitoring, static analysis}, }