Quality of SQL Code Security on StackOverflow and Methods of Prevention
Bachelor of Arts
StackOverflow, SQL Injection, Security, Text mining, Machine learning
This paper explores how often SQL/PHP posts on the website Stackoverflow.com contain code susceptible to SQL Injection, a common database vulnerability. Specifically, we analyze whether other users point out the vulnerability or provide an answer that is secure. The majority of questions analyzed were vulnerable to SQL Injection, and the vulnerability was neither corrected in their answers nor brought to the attention of the original poster. To mitigate this, we present a machine learning bot which analyzes the poster's code and alerts them to potential injection vulnerabilities when it finds any.
Klock, Robert, "Quality of SQL Code Security on StackOverflow and Methods of Prevention" (2021). Honors Papers. 835.