2 research outputs found
Systematic literature review on SQL injection attack
SQL injection is a common threat to web applications that exploits poor input validation to attack a target database. It is becoming a very serious problem in web applications, as successful execution leads to loss of integrity and confidentiality, which makes it a very sensitive software security issue. The study presents a Systematic Literature Review (SLR) on SQL Injection Attacks (SQLIA) following Kitchenham's procedure for performing systematic literature reviews. This study reviews SQL injection attacks and the techniques for detecting and preventing them. In the end, an evaluation of the techniques is carried out to check the effectiveness of each technique based on how many methods of attack it can detect and prevent. It is imperative to note that a good number of the evaluated techniques were able to detect and prevent all types of SQLIA based on the selected criteria. To determine the best technique, resources such as memory and processing time need to be considered in the evaluation.
Software quality: predicting reliability of a software using decision tree
System availability can be expressed as an attribute of reliability that determines the total time a system or component is functioning. Most available models try to predict the availability of software during its life cycle, but there are very few or no models that predict software going days without a failure. Over the years, decision tree models have been used as a reliable technique for prediction. In this study, based on the sample data collected by John Musa of Bell Telephone Laboratories, a decision tree model has been used to predict the availability of a system going days without a failure. This study concluded that a decision tree model is able to decide the availability of software in terms of going days without a failure.