MSC RESEARCH PROPOSAL Student Name: Khusbu Choksi Student ID: 20032303 University Name: Northumbria University Module Code: LD7028 Module Name: Research methods & Project Management Course of study: MSc Cyber Security Supervisor Name: Usman Butt Word Count: 3418 Table of Contents Title 3 Aim 3 Problem statement 3 Background 4 Scope 5 Objective 6 Methodology 7 Project plan 7 Known risks 8 Sources and use of knowledge 9 Ethical, legal, social, security and professional concern 10 Reference List 12 Title This research approach is about the impact of SQL injection in the cyber security system as well as there is a discussion about the process of improvement and optimization of the SQL injection protection Aim The main focus of this research is to provide elaborate information about the effect of SQLI in cyber security systems. SQLI is a kind of security exploit in which cyber attackers add the web form code named SQL to access the unauthorized resources as well as they can make changes in the confidential data at any time. The research aim is to identify the effects and process of improvement in this SQLI project. Problem statement At present, the cyber security system is one of the most important departments at any work because it can help to provide security in the computers as well as servers and mobile devices to keep the confidential data safe. It can also defend the malicious attacks and unauthorized data that can be impacted immensely in the security system. SQL is based on a web form code; it stands for the Structured Query Language and this is used for accessing the confidential data from the database. If the employees wanted to check the data, they can easily use this code to access the database however there are some cyber attackers who are using this web form code for accessing the data in an unauthorized manner it can create a severe impact on the security system in any business. Through accessing the data attackers can get information related to customers as well as other important information. At present, Radio Frequency Identification is highly impacted by this SQL injection attack (Sharma et al., 2019). This research report is based on the process of mitigation of risk factors through improving as well as optimizing the SQL injection protection. This attack can be impacted on the confidential data of any company as well as it can expose the customers’ details to hackers. There are various types of SQL injection attacks that can hamper the cyber security system by manipulating sensitive data (Sheykhkanloo, 2017). At present this problem is spread throughout all businesses in the world because businesses are dependent upon the emerging technologies such as computers, tablets as well as mobile devices along with servers and networks, it can store the confidential data of company and customers. Most of the companies use data protection strategies through implementing the cyber security procedure however attackers can impact this system by applying the technology with utility that is SQLI attack it is powerful web form code that can expose all-important moreover the malicious attackers can make changes in those data as well as thorough applying this powerful code they can get right to access the personal data from the database. This research interpretation is based on the severe impact of this code on cyber security as well as in organizations. This attack can be prevented through taking initial steps through improving the protection system. This research report helps to identify the procedures which can improve as well as optimize the cyber security to prevent the SQL injection attack. Background Cyber Security is the important factor for an organization to keep their confidential data safe and secure. Most of the organizations use cyber security technologies with high utility to protect the malicious attacks and sensitive data. However, At present hackers are also applying more powerful technology that is SQL injections, it is based on a web programming code for manipulating and accessing data (Kaur and Kaur, 2017). The full form of this web form code is Structured Query Language which was implemented in 1986 by the organization named IBM for a project of the US government. This programming language is implemented for accessing the data as well as it is used for the special purpose of accessing and manipulating the database. This web programming code is completely different from the other programming code such as Java, C and C+ (Schuckert et al., 2020). However it is associated with these programming languages if a person knows SQL then he can easily apply other languages in the database. This language was used for government related projects in the past however; currently it is used for accessing the sensitive data through unauthorized resources. This unauthorized entry is called SQL injections attack. Malicious attackers are using the web programming code to access the sensitive data related to the company and its customers moreover they can make changes to manipulate the database. This can be a severe risk factor for a company to keep their integrity in the security system as well as it can be the reason for losing trust with their customers as well as losing the important and confidential data from the database (Alenezi et al., 2021). The cyber criminals are using it for manipulating the information to make disruptiveness on the business. These SQL injections are divided into three parts, one part is In band SQLI which is also known as a classic form of SQLI (Taipalus and Perälä, 2019). In this section the attacker is going to use the same channel in their communication system to start the attack for accessing data. It also has two parts: one is the error based and other is union based. Another part is Interferential SQLI, this kind of attack is accomplished through sending the data payloads to the servers to get access into the database. The thyroid section is Out of Band SQLI, this attack is not accomplished through the same channel of communication, it only works in some specific features (Li et al., 2019). Software developers use this programming language to get right for accessing the database. Currently this attack has created a severe impact on radio frequency identification. Cyber security departments are facing a lot of challenges due to this malicious attack. Hackers can easily hack the database of a company through applying this programming language at any time and get to know about the confidential data about the company it can affect the integrity of this company as well as they can lose their customers and important information can be exposed to their competitors. The data can be about the strategies of developing the business as well as it can be a data of customer details. Not only hackers can access the data but also, they can manipulate the data. This research report helps to provide the information about the procedure of mitigating this severe problem of SQL injection attack. Scope This research report is based on the impact of the SQL injection attacks in the cyber security system in the business. The research investigates the effect of the SQL injections attack on the businessThis research provides the scope of improvement in the cyber security system to protect the malicious attacks (Guo et al., 2019)The interpretation of this report can help the cyber department through informing the optimizing factors that can be used to protect the data The research is all about the impact and informing the process of improving the protection system through gathering the data collected by journals and websites.This research is completely based on the secondary research method that an help to provide important information about the SQL injection attackThe scope of the project is to give the proper interpretation through efficient and accurate data. This research is completely about the present threat of the organization that is protecting the data. SQL injection attacks can harm the business because hackers can access the personal and sensitive data through implementing this web programming language. This can be disruptive to the business of the organizations. This present research can give the scope of improvement of the cyber security department to prevent this kind of malicious attack as well as the interpretation of the report can easily optimize the protection system of cyber security that can help them to keep the business-related sensitive data safe and secure. There is elaborate information about the impact of this web programming language. After identifying the impacts there will definitely be a scope to improving the system of security departments that can help to maintain the safety of the confidential data. Objective The research has objectives to understand the current cyber security problems and its solutions. The objectives have been given below- •To arrange a framework to understand the gravity of SQL injection attacks. •To understand the most advanced techniques of cybercrime. To focus on cyber security by preventing SQL injection attacks by criminals or hackers. •To present the risk factors of established business for the SQL injection attacks. •To develop a campaign to provide details of the SQL injection attack to prevent the cyber-attacks (Alwan and Younis, 2017). •Analyze improvement in ability to recognize the SQL injection attack in personal websites. •Build awareness to website developers during web development that may prevent cyber-attacks. •To protect personal information by providing awareness about SQL injection attacks and it ensures trade security for business. •Review the web programming language during web development to prevent the SQL injection attack by hackers. Methodology The research has chosen a topic on SQL injection attacks and that may be considered as cyber-attacks by computer hackers. The attackers hack the database of business websites mainly to modify the business details or information. Sometimes deletes the information to stop the business progress. The research is all about the SQL injections attacks and concerns. The research has been discussed about the risk factors briefly and provided best understanding about preventive care. The research has followed secondary research methodology to know about the specific cyber crime. The secondary research method provides several journals and lots of information regarding the SQL injection attacking process or techniques. Quantitative research methods have been followed to measure the gravity of the particular cyber crime and the research methods have helped to find the details of the cyber crime process to provide advanced knowledge. The secondary data collection method and qualitative research method have been provided complete and apparent knowledge regarding the research topic. Project plan Task No.Project activitiesEffortStarting dateEnding DatePredecessorsResources1Project planning32 Days1/4/202130/1/2120Researcher 30%2Design the project10 days1/4/202114/4/2021Researcher 40%3Acquiring required permissions15 days15/4/20215/5/2021Researcher 70%4Resource Allocation4 Days6/5/202111/5/2021Researcher 30%5Allocating project responsibility in the team3 Days12/5/202114/5/2021Researcher 40% 6Developing research methodology8 Days17/5/202126/5/202140Researcher 60%7Selecting secondary resources5 Days17/5/202121/5/2021Researcher 70%8Developing and selecting data analysis process3 Days24/5/202126/5/2021Researcher 50%9Conducting the research22 Days27/5/202125/6/202120Researcher 40%10Search the journals4 Days27/6/20211/6/2021Researcher 11Read the journals6 Days2/6/20219/6/2021Researcher 20% 12Collect the data or information5 Days10/6/202116/6/2021Researcher 35% 13Arrange the research assignment7 Days17/6/202125/6/2021Researcher 20% 14Project submission3 Days28/6/202130/6/202110Researcher 40% 15Primary Submission 1 Day28/6/202128/6/2021Researcher 50%16Project Review2 Days29/6/202130/2021Researcher 40% 17Final Submission 1 Day28/6/202128/6/2021Researcher 30% Table 1: Project Planning (Source: created by author) The research project has taken enough days to plan the project and arrange the project. The research may take an exact 3days for project design and the journal searching may take 2days. Reading journals is important to understand the research topic so the research may take 2days for best efforts. Collecting data from journals is another important activity of this research and it may take 4days. Arrangement of research assignment may take a maximum of 3days and the project submission may take 1 day. The table has shown the ultimate project plan for this particular research. Figure 1: Gantt chat of project (Source: Created by author) Figure 2 : Gantt Chart graph of project (Source: created by author) Known risks Risk typeRisk eventLikelihood (1-10)Impact (1-10)Risk value (1-100)Monitoring control flagRisk management StrategyDate of reviewing the riskPcollect exact data4554Provide more concentration to review the information1/4/2021Pincomplete data or information5229Review regularly3/4/2021Ttechnological problem6530Plan for backup facilities6/4/2021SPermission of the research3352Utilize alternative source9/4.2021FAbility to design the project6778Review the project guidance12/4/2021 Table 2: Risk identification (Source: created by author) Risk type F financial T technological P people S security Control flag High risk > 75 – Action required urgently Medium risk 75 to > 50 –Action as soon as possible Acceptable risk 25 to >50 – Analyze issues raised Low risk
