Ahmed A. M. Sharadqeh, As'ad Mahmoud Alnaser, Omar Al Heyasat, Ashraf Abdel-Karim Abu-Ein^*, Hazem (Moh'd Said) Hatamleh

Show more
Computer Engineering Department, Faculty of Engineering Technology, Al-Balqa’ Applied University, Amman, Jordan.
Computer Engineering Department, Al-Balqa’ Applied University, Salt, Jordan.
Computer Science Department, Ajloun University College, Al-Balqa’ Applied University, Ajloun, Jordan.
Show less

Abstract: E-mail hackers use many methods in their work, in this article, most of such efficient methods are demonstrated and compared. Different methods and stages of such methods are listed here, in order to reveal such methods and to take care of them but the most common discussed method in this paper is SQL method. SQL injection is a type of security exploit in which the attacker adds SQL statements through a web application's input fields or hidden parameters to gain access to resources or make changes to data. It is found that the SQL is an efficient way in preventing E-mail hacking and its efficiency reaches about 80%. The method of SQL injection can be considered as an efficient way comparing with other methods.

Keywords: E-Mail; Hackers; SQL; Security

Cite this paper: A. Sharadqeh, A. Alnaser, O. Heyasat, A. Abu-Ein and H. Hatamleh, "Review and Measuring the Efficiency of SQL Injection Method in Preventing E-Mail Hacking," International Journal of Communications, Network and System Sciences, Vol. 5 No. 6, 2012, pp. 337-342. doi: 10.4236/ijcns.2012.56044.

References

[1]   C. Cerrudo, “Manipulating Microsoft SQL Server Using SQL Injection,” Application Security, Inc., 2005. http://research.mwjournal.com/detail/RES/1124462486_292.html

[2]   D. Das, U. Sharma and D. K. Bhattacharyya, “An Approach to Detection of SQL Injection Attack Based on Dynamic Query Matching,” International Journal of Computer Applications, Vol. 1, No. 25, 2010, pp. 28-34.

[3]   G. B. Shelly, T. J. Cashman and M. E. Vermaat, “Discovering Computers 2005: A Gateway to Information,” Course Technology, Boston, 2004.

[4]   K. Stasiak, “Web Application Security,” Information Systems Control Journal, Vol. 6, 2002. http://www.isaca.org/Content/ContentGroups/Journal1/20023/Web_Application_Security.htm

[5]   P. Carey, “Creating Web Pages with HTML and Dynamic HTML,” Course Technology, Boston, 2001.

[6]   M. Roche, “Wireless Hacking Tools,” 2007. http://www.cse.wustl.edu/~jain/cse57107/ftp/wireless_hacking/2007

[7]   S. Garfenkel and G. Spafford, “Secure AGI/CGI Programming,” World Wide Web Journal, Vol. 2, No. 3, 1997. http://www.w3j.com/7/s3.garfinkel.wrap.html.

[8]   W. Ke, M. Muthuprasanna and S. Kothari, “Preventing SQL Injection Attacks in Stored Procedures,” Proceedings of the Australian Software Engineering Conference, Brisbane, 31 March-1 April 2005, pp. 191-1978.

[9]   F. M. Pinguelo and B. W. Muller, “Virtual Crimes, Real Damages Part II,” Virginia Journal of Law & Technology, Vol. 17, No. 1, 2010.