Analysis of SQL injection attack in web service (a case study of website in Aceh province)

Dissemination of information through the Internet is one of the positive impacts of the ICT technology and an efficient way to reach everyone around the world. Everyone will easily access all of the information presented by the restrictions place unhindered. Therefore, various government agencies, private organizations, educational institutions, and other nonprofit organizations in Aceh are using the Internet as a medium for information dissemination. Development of the site becomes easier with the availability of applications Content Management System (CMS), which is combined with the PHP scripting language and MySQL database. However, various security issues can harm the existence of Web site system and it seems not to be the attention of the administrator and Web master. Security issues were examined in this study based on a variety of attacks that occur by the method of SQL injection attacks. A survey of existing sites in the province of Aceh has been carried out and found the data were obtained and then were classified into the attack happened. Based on the result of this study, some preventive measures were established that need to be understood and implemented so that SQL injection can be minimized in the future.