Vulnerable Web Application For the Analysis of SQL Injection; The Impact of Societal Views of Privacy on Data Collection Laws

Belkhayat, Zane, School of Engineering and Applied Science, University of Virginia
Elliott, Travis, EN-Engineering and Society, University of Virginia
Tian, Yuan, EN-Comp Science Dept, University of Virginia
Mahmoody, Mohammad, EN-Comp Science Dept, University of Virginia
Bloomfield, Aaron, EN-Comp Science Dept, University of Virginia

In examination of data privacy either through methods of defense, or general evolutions of relevant technology and policy, the technical report and research project relate to one another. These projects are a direct result of the increasing use of data in every day life and application. It is important for one to not only understand the policy shaping its collection and use, but also the technology which actually does the job.
Data privacy is examined through practical application of both penetration techniques and defense techniques by creating a tool capable of testing both in the technical project. Utilizing the myriad ways SQL injection vulnerabilities may occur allows for a deeper understanding of how easy it is to leak user data without the proper precautions. By combining elements of both network security and software development, a new tool can be used to help educate on the severity of the issue through a vulnerable web application.
Data privacy is also examined through research methods as the U.S. and China, two countries with different cultural backgrounds, are compared against each other and how their various technologies and policies are alike/different. By comparing these countries in particular, there is a good contrast in how the general population may feel fundamentally about data privacy, allowing for a nuanced analysis of the subject.
These projects come together to give insight into both the practical and theoretical sides of data privacy. By developing a tool for the use education in data privacy, an artifact is created which is shaped by the social norms in the society it was created. These norms and other tools are analyzed in the research project. Each work complements the other in the form of details and big picture analysis.

BS (Bachelor of Science)
SQL, SQL Injection, Data Privacy

School of Engineering and Applied Science
Bachelor of Science in Computer Science
Technical Advisors: Yuan Tian, Mohammad Mahmoody, Aaron Bloomfield
STS Advisor: Sean Travis Elliott
Technical Team Members: Zane Belkhayat

Issued Date: