SQL injection via network in Computer Networks - Time & Space Complexity
When analyzing SQL injection attacks over a network, it's important to understand how the attack's effort grows as the input size or attack complexity increases.
We want to know how the number of operations or requests changes as the attacker tries more inputs.
Analyze the time complexity of this simplified SQL injection attack process.
```
for each input in attack_inputs:
    send input over network to server
    receive server response
    if response shows vulnerability:
        break
```
This code tries multiple inputs over the network to find a SQL injection vulnerability by checking server responses.
Look at what repeats as the attack runs.
- Primary operation: Sending inputs over the network and waiting for server responses.
- How many times: Once for each input tried, until a vulnerability is found or the inputs run out.
As the number of inputs to try increases, the total network requests grow linearly.
| Input Size (n) | Approx. Operations |
|---|---|
| 10 | About 10 network requests |
| 100 | About 100 network requests |
| 1000 | About 1000 network requests |
Pattern observation: The number of operations grows directly with the number of inputs tried.
Time Complexity: O(n)
This means the time to find a vulnerability grows in direct proportion to the number of inputs tested.
[X] Wrong: "The attack time stays the same no matter how many inputs are tried."
[OK] Correct: Each input requires a separate network request and response, so more inputs mean more time spent.
Understanding how attack time grows with input size helps you think like both a defender and an attacker, a useful skill in security roles.
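The defender's view of the same linear growth, as an added example that is not part of the original page: n inputs tried means n lines in the server's request log, so a per-client sliding-window counter can flag the loop after a fixed number of requests, however large n is. The function names, the window and threshold values, and the log entries (documentation-range IP addresses) are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque


def build_sample_log():
    """Constructed log of (timestamp_seconds, client_ip, path); not real traffic."""
    log = []
    # An ordinary client: 5 requests, one per minute.
    for i in range(5):
        log.append((i * 60, "198.51.100.7", "/search"))
    # A client running the loop above with n = 100 inputs, one request every 0.5 s.
    for i in range(100):
        log.append((10 + i * 0.5, "203.0.113.9", "/search"))
    return sorted(log)


def requests_until_found(n, first_hit=None):
    """Requests the loop makes: it stops at first_hit (0-based index) or after all n."""
    if first_hit is not None and first_hit < n:
        return first_hit + 1
    return n


def flag_probing_clients(log, window=10.0, threshold=15):
    """Return {(ip, path): timestamp when first flagged} for every client that
    sends more than `threshold` requests to one path within `window` seconds."""
    recent = defaultdict(deque)  # (ip, path) -> timestamps inside the window
    flagged = {}
    for ts, ip, path in log:
        q = recent[(ip, path)]
        q.append(ts)
        # Drop timestamps that have fallen out of the sliding window.
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) > threshold and (ip, path) not in flagged:
            flagged[(ip, path)] = ts
    return flagged


if __name__ == "__main__":
    print("worst case requests for n=100:", requests_until_found(100))
    print("flagged:", flag_probing_clients(build_sample_log()))
```

The probing client is flagged on its 16th request, so the detection point depends on the threshold, not on how many inputs the loop still has left to try.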
"What if the attacker could send multiple inputs in one request? How would the time complexity change?"