Security Threats and Mitigation Techniques in C-Based Applications with Emphasis on Medical Database Protection
Description
In an era where digital systems are increasingly under threat from cyberattacks, the importance of secure software development has never been more critical. This paper explores the unique security challenges presented by the C programming language, widely recognized for its performance, flexibility, and low-level system access. Despite its strengths, C's lack of built-in memory safety features introduces vulnerabilities such as buffer overflows and SQL injections, particularly when used to develop applications that interface with sensitive databases. With a specific focus on medical databases like MIMIC-III, this study examines how poor memory management, input validation failures, and unguarded database queries can expose critical patient data to risk. The paper reviews current literature, highlights common attack vectors, and proposes practical strategies rooted in secure coding standards and encryption practices. Additionally, emerging solutions like AI-powered code analysis tools and formal coding guidelines are discussed to provide a comprehensive outlook on future-proofing C-based systems. This work aims to contribute to the broader effort of promoting secure programming methodologies that protect digital infrastructure and sensitive information in critical sectors.
Files
| Name | Size |
|---|---|
| Security Threats and Mitigation Techniques in C-Based Applications with Emphasis on Medical Database Protection.pdf (md5:479655b8ca9f8909bd89fc6f729519ee) | 368.0 kB |