[1] M. Amin et al., “Review of SQL Injection : Problems and Prevention,” vol. 2, pp. 215–219.
[2] A. Kumar and S. Binu, “Proposed Method for SQL Injection Detection and its Prevention,” vol. 7, pp. 213–216, 2018.
[3] G. Hendita and A. Kusuma, “Analysis of SQL Injection Attacks on Website Service,” vol. 1, no. 1, 2018.
[4] O. C. Abikoye, A. Abubakar, A. H. Dokoro, and O. N. Akande, “A novel technique to prevent SQL injection and cross-site scripting attacks using Knuth-Morris-Pratt string match algorithm,” 2020.
[5] X. Yun and W. Wen, Cyber Security. 2018.
[6] A. Alazab, “New Strategy for Mitigating of SQL Injection Attack,” vol. 154, no. 11, pp. 1–10, 2016.
[7] A. Gurina and V. Eliseev, “Anomaly-Based Method for Detecting Multiple Classes of Network Attacks,” pp. 1–24, 2019, DOI: 10.3390/info10030084.
[8] R. Jahanshahi, A. Doupé, and M. Egele, “You shall not pass : Mitigating SQL Injection Attacks on Legacy Web Applications,” pp. 445–457, 2020.
[9] I. Medeiros, M. Beatriz, N. Neves, and M. Correia, “SEPTIC: Detecting Injection Attacks and Vulnerabilities Inside the DBMS,” IEEE Trans. Reliab., vol. 68, no. 3, pp. 1168–1188, 2019, DOI: 10.1109/tr.2019.2900007.
[10] M. K. Gupta, M. C. Govil, and G. Singh, “Static analysis approaches to detect SQL injection and cross-site scripting vulnerabilities in web applications: A survey,” Int. Conf. Recent Adv. Innov. Eng. ICRAIE 2014, pp. 9–13, 2014, DOI: 10.1109/ICRAIE.2014.6909173.
[11] X. Fu, X. Lu, B. Peltsverger, S. Chen, K. Qian, and L. Tao, “A static analysis framework for detecting SQL injection vulnerabilities,” Proc. - Int. Comput. Softw. Appl. Conf., vol. 1, no. Compsac, pp. 87–94, 2007, doi: 10.1109/COMPSAC.2007.43.
[12] M. Alenezi and Y. Javed, “Open source web application security: A static analysis approach,” Proc. - 2016 Int. Conf. Eng. MIS, ICEMIS 2016, 2016, doi: 10.1109/ICEMIS.2016.7745369.
[13] F. Spoto et al., “Static Identification of Injection Attacks in Java,” vol. 41, no. 3, 2019.
[14] bhayakumara S. Basutakara and D. J. P N, “A Review of Static Code Analysis Methods for Detecting Security Flaws,” J. Univ. Shanghai Sci. Technol., vol. 23, no. 06, pp. 647–653, 2021, DOI: 10.51201/jusst/21/05320.
[15] D. Das, U. Sharma, and D. Bhattacharyya, “An Approach to Detection of SQL Injection Attack Based on Dynamic Query Matching,” Int. J. Comput. …, vol. 1, no. 25, pp. 28–34, 2010, [Online]. Available: https://pdfs.semanticscholar.org/7691/0e9141d278ffddff7b7d8dd8ca53defb51cb.pdf%5Cnhttp://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.184.7553&rep=rep1&type=pdf.
[16] S. Nanda, L. C. Lam, and T. C. Chiueh, “Dynamic multi-process information flow tracking for web application security,” Proc. 8th ACM/IFIP/USENIX Int. Conf. Middlew. 2007, Middleware’07, pp. 1–20, 2008, DOI: 10.1145/1377943.1377956.
[17] A. Makiou, Y. Begriche, and A. Serhrouchni, “Hybrid approach to detect SQLi attacks and evasion techniques,” Collab. 2014 - Proc. 10th IEEE Int. Conf. Collab. Comput. Networking, Appl. Work., pp. 452–456, 2015, DOI: 10.4108/icst.collaboratecom.2014.257568.
[18] F. Y. Hernawan, I. Hidayatulloh, and I. F. Adam, “Hybrid method integrating SQL-IF and Naïve Bayes for SQL injection attack avoidance,” vol. 1, no. 2, pp. 85–96, 2020.
[19] S. P. K and A. Murugan, “Analysis of Vulnerability Detection Tool for Web Services,” vol. 7, pp. 773–778, 2018.
[20] P. Techniques et al., “Design and Implementation of SQL Injection Vulnerability Scanning Tool Design and Implementation of SQL Injection Vulnerability Scanning Tool,” 2020, DOI: 10.1088/1742-6596/1575/1/012094.
[21] B. J. S. Kumar and P. P. Anaswara, “Vulnerability detection and prevention of SQL injection,” vol. 7, pp. 16–18, 2018.
[22] A. Tajpour, M. Massrum, and M. Z. Heydari, “Comparison of SQL injection detection and prevention techniques,” ICETC 2010 - 2010 2nd Int. Conf. Educ. Technol. Comput., vol. 5, pp. 174–179, 2010, DOI: 10.1109/ICETC.2010.5529788.
[23] A. Sadeghian, M. Zamani, and A. A. Manaf, “A taxonomy of SQL injection detection and prevention techniques,” Proc. - 2013 Int. Conf. Informatics Creat. Multimedia, ICICM 2013, pp. 53–56, 2013, doi: 10.1109/ICICM.2013.18.
[24] S. Djanali, F. X. Arunanto, B. A. Pratomo, A. Baihaqi, H. Studiawan, and A. Mazharuddin, “Aggressive Web Application Honeypot for Exposing Attacker ‟ s Identity,” no. November 2014, DOI: 10.1109/ICITACEE.2014.7065744.
[25] W. G. J. Halfond and A. Orso, “Detection and Prevention of SQL Injection Attacks,” Adv. Inf. Secur., vol. 27, no. 7, pp. 85–109, 2007, DOI: 10.1007/978-0-387-44599-1_5.
[26] T. Pattewar, H. Patil, H. Patil, N. Patil, M. Taneja, and T. Wadile, “Detection of SQL Injection using Machine Learning : A Survey,” pp. 239–246, 2019.
[27] M. Zolanvari, S. Member, M. A. Teixeira, S. Member, L. Gupta, and S. Member, “Machine Learning Based Network Vulnerability Analysis of Industrial Internet of Things,” pp. 1–14.
[28] M. A. Azman, M. F. Marhusin, R. Sulaiman, U. Sains, M. F. Marhusin, and U. Sains, “Machine Learning-Based Technique to Detect SQL Injection Attack,” pp. 1–8, 2021, DOI: 10.3844/jcssp.2021.296.303.
[29] S. S. A. Krishnan, A. N. Sabu, P. P. Sajan, and A. L. Sreedeep, “SQL Injection Detection Using Machine Learning,” vol. 11, no. 3, pp. 300–310.
[30] B. J. S. Kumar and K. Pujitha, “Web Application Vulnerability Detection Using Hybrid String Matching Algorithm,” vol. 7, pp. 106–109, 2018.
[31] S. Son, K. S. McKinley, and V. Shmatikov, “Diglossia: Detecting code injection attacks with precision and efficiency,” Proc. ACM Conf. Comput. Commun. Secur., no. 2, pp. 1181–1191, 2013, DOI: 10.1145/2508859.2516696.
[32] R. Dharam and S. G. Shiva, “Runtime monitors for tautology based SQL injection attacks,” Proc. 2012 Int. Conf. Cyber Secur. Cyber Warf. Digit. Forensic, CyberSec 2012, pp. 253–258, 2012, DOI: 10.1109/CyberSec.2012.6246104.
[33] D. Y. Kao, C. J. Lai, and C. W. Su, “A Framework for SQL Injection Investigations: Detection, Investigation, and Forensics,” Proc. - 2018 IEEE Int. Conf. Syst. Man, Cybern. SMC 2018, no. 1, pp. 2838–2843, 2019, DOI: 10.1109/SMC.2018.00483.
[34] H. Gu et al., “DIAVA: A Traffic-Based Framework for Detection of SQL Injection Attacks and Vulnerability Analysis of Leaked Data,” IEEE Trans. Reliab., vol. 69, no. 1, pp. 188–202, 2020, DOI: 10.1109/TR.2019.2925415.
[35] W. C. Chung, H. P. Lin, S. C. Chen, M. F. Jiang, and Y. C. Chung, “JackHare: a framework for SQL to NoSQL translation using MapReduce,” Autom. Softw. Eng., vol. 21, no. 4, pp. 489–508, 2014, DOI: 10.1007/s10515-013-0135-x.
[36] S. Ezzat, M. I., L. M., and Y. K., “Web Anomaly Misuse Intrusion Detection Framework for SQL Injection Detection,” Int. J. Adv. Comput. Sci. Appl., vol. 3, no. 3, pp. 123–129, 2012, DOI: 10.14569/ijacsa.2012.030321.
[37] Y. V. N. Manikanta, “Protecting Web Applications from SQL Injection Attacks,” pp. 609–613, 2012.
[38] R. Dharam and S. G. Shiva, “Runtime Monitoring Framework for SQL Injection Attacks,” vol. 6, no. 5, 2014, DOI: 10.7763/IJET.2014.V6.731.
[39] V. Chang, Y. H. Kuo, and M. Ramachandran, “Cloud computing adoption framework: A security framework for business clouds,” Futur. Gener. Comput. Syst., vol. 57, pp. 24–41, 2016, DOI: 10.1016/j.future.2015.09.031.
[40] M. Yassin, H. Ould-Slimane, C. Talhi, and H. Boucheneb, “SQLIIDaaS: A SQL Injection Intrusion Detection Framework as a Service for SaaS Providers,” Proc. - 4th IEEE Int. Conf. Cyber Secur. Cloud Comput. CSCloud 2017 3rd IEEE Int. Conf. Scalable Smart Cloud, SSC 2017, pp. 163–170, 2017, DOI: 10.1109/CSCloud.2017.27.
[41] G. Yiğit and M. Arnavutoğlu, “SQL Injection Attacks Detection & Prevention Techniques,” vol. 9, no. 5, 2017, DOI: 10.7763/IJCTE.2017.V9.1165.
[42] L. Erdődi, Å. Å. Sommervoll, and F. M. Zennaro, “Journal of Information Security and Applications Simulating SQL injection vulnerability exploitation using Q-learning reinforcement learning agents,” J. Inf. Secur. Appl., vol. 61, no. July, p. 102903, 2021, DOI: 10.1016/j.jisa.2021.102903.
[43] “An Improved SQL Injection Attack Detection Model Using Machine Learning Techniques,” vol. 11, no. 1, pp. 53–57, 2021.
[44] M. Fan, J. Liu, W. Wang, H. Li, Z. Tian, and T. Liu, “DAPASA: Detecting Android Piggybacked Apps Through Sensitive Subgraph Analysis,” IEEE Trans. Inf. Forensics Secur., vol. 12, no. 8, pp. 1772–1785, 2017, DOI: 10.1109/TIFS.2017.2687880.
[45] B. Shunmugapriya and B. Paramasivan, “Protection Against SQL Injection Attack in Cloud Computing,” vol. 9, no. 02, pp. 502–510, 2020.
[46] K. Varshney and R. L. Ujjwal, “LsSQLIDP : Literature survey on SQL injection detection and prevention techniques,” J. Stat. Manag. Syst., vol. 22, no. 2, pp. 257–269, 2019, DOI: 10.1080/09720510.2019.1580904.
[47] K. Ahmad and M. Karim, “A Method to Prevent SQL Injection Attack using an Improved Parameterized Stored Procedure,” vol. 12, no. 6, pp. 324–332, 2021.
[48] M. Kareem, “Prevention of SQL Injection Attacks using AWS WAF,” p. 47, 2018, [Online]. Available: http://repository.stcloudstate.edu/cgi/viewcontent.cgi?article=1094&context=msia_etds.
[49] S. Mohammed, H. Chaki, and M. M. Din, “A Survey on SQL Injection Prevention Methods,” vol. 9, no. 1, pp. 47–54, 2019.
[50] R. Rawat, “SQL injection attack Detection using SVM,” no. March 2012, 2020, DOI: 10.5120/5749-7043.
[51] Z. Chen and M. Guo, “Research on SQL injection detection technology based on SVM,” vol. 01004, pp. 1–5, 2018.
[52] A. Banchhor and T. Vaidya, “SQL INJECTION DETECTION USING BAYE ’ S CLASSIFICATION,” pp. 313–317.
[53] M. Olalere et al., “A Naïve Bayes Based Pattern Recognition Model for Detection and Categorization of Structured Query Language Injection Attack,” vol. 7, no. 2, pp. 189–199, 2018.
[54] M. Liu and T. Chen, “DeepSQLi : Deep Semantic Learning for Testing SQL Injection,” pp. 286–297.
[55] T. Liu, Y. Qi, L. Shi, and J. Yan, “Locate-Then-Detect : Real-time Web Attack Detection via Attention-based Deep Neural Networks,” pp. 4725–4731, 2016.
[56] M. Volkova, P. Chmelar, and L. Sobotka, “MACHINE LEARNING BLUNTS THE NEEDLE OF ADVANCED SQL INJECTIONS,” vol. 25, no. 1, pp. 23–30, 2019.
[57] X. I. N. Xie, C. Ren, Y. Fu, J. I. E. Xu, and J. Guo, “SQL Injection Detection for Web Applications Based on Elastic-Pooling CNN,” IEEE Access, vol. 7, pp. 151475–151481, 2019, DOI: 10.1109/ACCESS.2019.2947527.
[58] Q. I. Li, W. Li, and J. Wang, “A SQL Injection Detection Method Based on Adaptive Deep Forest,” pp. 145385–145394, 2019, DOI: 10.1109/ACCESS.2019.2944951.