Systematic Literature Review: Preventing SQL Injection Attacks Using Tools OWASP CSR Web Application Firewall

Ahmad Mutedi, Budi Tjahjono


SQL injection attacks are a common threat to web-based applications: they exploit insecure input validation to attack the underlying database. They are a very serious problem for web-based applications because a successful attack causes loss of integrity and confidentiality, which makes SQL injection a very sensitive software security issue. This study presents a Systematic Literature Review (SLR), using the PICOC method, on preventing SQL injection attacks using OWASP tools. It provides an overview of SQL injection attacks and of detection and prevention techniques. Finally, the effectiveness of detection and prevention using the OWASP CSR Web Application Firewall was evaluated. It should be noted that the OWASP tools can also detect and prevent SQL injection attacks.


Keywords: SQL Injection; Prevent; OWASP CSR; Systematic Literature Review; WAF








Copyright (c) 2022 Ahmad Mutedi

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

Jurnal Informatika Universitas Pamulang (ISSN: 2541-1004 e-ISSN: 2622-4615)
