Abstract:SQL injection is a type of security vulnerability that occurs in database-driven web applications where an attacker injects malicious code into the application to gain unauthorized access to sensitive information. This paper aims to provide a comprehensive and systematic review of the existing methods for preventing and detecting SQL injection attacks. The review covers a range of techniques, including input validation, parameterized queries, and intrusion detection systems, as well as the advantages and disad… Show more
“…Many SHSs are web-based and store healthcare data in SQL databases, making them susceptible to SQL injection (SQLi) attacks. Noman and Abu-Sharkh [117] and Abdullayev and Chauhan [118] define SQLi attacks as a type of application security susceptibility in which cybercriminals exploit SQL database weaknesses by injecting malicious SQL codes/statements into the input fields of a website and desktop and mobile application forms or URL parameters to compromise the back-end database and illegally access and extract sensitive data stored in the database. Numerous websites implement SQL to manage their database, and attackers take advantage of the weaknesses in SQL to execute malicious SQL statements, which allows the servers to reveal sensitive information stored in the databases.…”
Section: Sql Injection Attacksmentioning
confidence: 99%
“…[118]. In smart healthcare, patients and healthcare professionals use smart healthcare software to access data that can be shared with other departments.…”
Cutting-edge technologies have been widely employed in healthcare delivery, resulting in transformative advances and promising enhanced patient care, operational efficiency, and resource usage. However, the proliferation of networked devices and data-driven systems has created new cybersecurity threats that jeopardize the integrity, confidentiality, and availability of critical healthcare data. This review paper offers a comprehensive evaluation of the current state of cybersecurity in the context of smart healthcare, presenting a structured taxonomy of its existing cyber threats, mechanisms and essential roles. This study explored cybersecurity and smart healthcare systems (SHSs). It identified and discussed the most pressing cyber threats and attacks that SHSs face, including fake base stations, medjacking, and Sybil attacks. This study examined the security measures deployed to combat cyber threats and attacks in SHSs. These measures include cryptographic-based techniques, digital watermarking, digital steganography, and many others. Patient data protection, the prevention of data breaches, and the maintenance of SHS integrity and availability are some of the roles of cybersecurity in ensuring sustainable smart healthcare. The long-term viability of smart healthcare depends on the constant assessment of cyber risks that harm healthcare providers, patients, and professionals. This review aims to inform policymakers, healthcare practitioners, and technology stakeholders about the critical imperatives and best practices for fostering a secure and resilient smart healthcare ecosystem by synthesizing insights from multidisciplinary perspectives, such as cybersecurity, healthcare management, and sustainability research. Understanding the most recent cybersecurity measures is critical for controlling escalating cyber threats and attacks on SHSs and networks and encouraging intelligent healthcare delivery.
“…Many SHSs are web-based and store healthcare data in SQL databases, making them susceptible to SQL injection (SQLi) attacks. Noman and Abu-Sharkh [117] and Abdullayev and Chauhan [118] define SQLi attacks as a type of application security susceptibility in which cybercriminals exploit SQL database weaknesses by injecting malicious SQL codes/statements into the input fields of a website and desktop and mobile application forms or URL parameters to compromise the back-end database and illegally access and extract sensitive data stored in the database. Numerous websites implement SQL to manage their database, and attackers take advantage of the weaknesses in SQL to execute malicious SQL statements, which allows the servers to reveal sensitive information stored in the databases.…”
Section: Sql Injection Attacksmentioning
confidence: 99%
“…[118]. In smart healthcare, patients and healthcare professionals use smart healthcare software to access data that can be shared with other departments.…”
Cutting-edge technologies have been widely employed in healthcare delivery, resulting in transformative advances and promising enhanced patient care, operational efficiency, and resource usage. However, the proliferation of networked devices and data-driven systems has created new cybersecurity threats that jeopardize the integrity, confidentiality, and availability of critical healthcare data. This review paper offers a comprehensive evaluation of the current state of cybersecurity in the context of smart healthcare, presenting a structured taxonomy of its existing cyber threats, mechanisms and essential roles. This study explored cybersecurity and smart healthcare systems (SHSs). It identified and discussed the most pressing cyber threats and attacks that SHSs face, including fake base stations, medjacking, and Sybil attacks. This study examined the security measures deployed to combat cyber threats and attacks in SHSs. These measures include cryptographic-based techniques, digital watermarking, digital steganography, and many others. Patient data protection, the prevention of data breaches, and the maintenance of SHS integrity and availability are some of the roles of cybersecurity in ensuring sustainable smart healthcare. The long-term viability of smart healthcare depends on the constant assessment of cyber risks that harm healthcare providers, patients, and professionals. This review aims to inform policymakers, healthcare practitioners, and technology stakeholders about the critical imperatives and best practices for fostering a secure and resilient smart healthcare ecosystem by synthesizing insights from multidisciplinary perspectives, such as cybersecurity, healthcare management, and sustainability research. Understanding the most recent cybersecurity measures is critical for controlling escalating cyber threats and attacks on SHSs and networks and encouraging intelligent healthcare delivery.
“…Web applications susceptible to SQL injection can grant attackers unrestricted access to the underlying databases (Halfond et al, 2006;Nasereddin et al, 2021;Sadeghian et al, 2013;Singh et al, 2016). The storage of sensitive user or consumer data in these databases often results in substantial consequences in the event of security breaches (Abdullayev & Chauhan, 2023;Clarke, 2009). The ramifications include identity theft, the divulgence of personal data, and the commission of deceitful activities.…”
In this contemporary digital age, cybersecurity stands as a crucial linchpin amid the expanding role of technology in our lives, encountering numerous challenges. This review addresses the imperative need for robust cybersecurity measures as malicious actors continually innovate methods to exploit vulnerabilities in computer systems, networks, and data. The exploration delves into the multifaceted realm of cybersecurity attacks, unveiling the evolving threat landscape and their profound implications. From cybercriminals utilizing phishing attacks to the covert tactics of malware and the disruptive potential of Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, including Phishing, Zero-Day Exploits, Man-in-the-Middle, and SQL Injection Attacks, the cybersecurity battleground is ever-expanding. The study systematically categorizes cyber threats, scrutinizes their distinctive characteristics, and elucidates the modus operandi of each attack type. Through a meticulous dissection of cybercriminal methods and motivations and a comprehensive evaluation of countermeasure efficacy, this review offers indispensable insights for securing our digital future in an era marked by escalating interconnectivity and technological dependence.
“…SQL attack is a method where the attacker uses malicious cod to gain access to information by backend database manipulation [56]. Information attackers target may be details of the targeted organization, details of the company's customers or users of the company's systems and networks which results to illegitimate viewership of sensitive information, deletion or modification [57], [58], [59]. SQL injections can be prevented by implementing input validation which would flag unlawful input.…”
Section: Structured Query Language (Sql) Injectionmentioning
In the current technological environment, different entities engage in intricate cyber security approaches in order to counter damages and disruptions in web-based systems. The design of the security protocols relies on the guarantee that attacks are prevented in the web-based systems. Prevention and detection using techniques such as access control tools, encryption and firewalls present limitations in the full protection of web-based systems. Furthermore, despite the sophistication of current systems, there are still shortfalls in high false positive and false negative threat detection rates, which is attributed to poor adaptation by systems and networks to the changing threats and behavior of cyber-criminals. In this perspective, this survey paper discusses the existing cyber-attack detection models, and recommends the cyber-attack detection models and techniques that are appropriate for web-based systems. It is evident that deep learning techniques offer better performance and robustness compared to traditional machine learning techniques and other non-artificial intelligence-based techniques. Deep learning techniques learn and extract features automatically without human intervention and can also handle big and multidimensional data more conventionally than the other techniques.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.