Title

Quality of SQL Code Security on StackOverflow and Methods of Prevention

Author ORCID Identifier

http://orcid.org/0000-0001-9153-3715

Degree Year

2021

Document Type

Thesis

Degree Name

Bachelor of Arts

Department

Computer Science

Advisor(s)

Cynthia Taylor

Keywords

StackOverflow, SQL Injection, Security, Text mining, Machine learning

Abstract

This paper explores the frequency at which SQL/PHP posts on the website StackOverflow.com contain code susceptible to SQL Injection, a common database vulnerability. Specifically, we analyze whether other users give notice of the vulnerability or provide an answer that is secure. The majority of questions analyzed were vulnerable to SQL Injection and were not corrected in their answers or brought to the attention of the original poster. To mitigate this, we present a machine learning bot that analyzes the poster’s code and alerts them to potential injection vulnerabilities, if necessary.

This document is currently not available here.
