AdvSQLi: Generating Adversarial SQL Injections against Real-world WAF-as-a-service

Zhenqing Qu,Xiang Ling,Ting Wang,Xiang Chen,Shouling Ji,Chunming Wu
DOI: https://doi.org/10.1109/TIFS.2024.3350911
2024-01-09
Abstract: As the first defensive layer that attacks would hit, the web application firewall (WAF) plays an indispensable role in defending against malicious web attacks like SQL injection (SQLi). With the development of cloud computing, WAF-as-a-service, as one kind of Security-as-a-service, has been proposed to facilitate the deployment, configuration, and update of WAFs in the cloud. Despite its tremendous popularity, the security vulnerabilities of WAF-as-a-service are still largely unknown, which is highly concerning given its massive usage. In this paper, we propose a general and extendable attack framework, namely AdvSQLi, in which a minimal series of transformations is performed on the hierarchical tree representation of the original SQLi payload, such that the generated SQLi payloads can not only bypass WAF-as-a-service under black-box settings but also keep the same functionality and maliciousness as the original payload. With AdvSQLi, we make it feasible to inspect and understand the security vulnerabilities of WAFs automatically, helping vendors make products more secure. To evaluate the attack effectiveness and efficiency of AdvSQLi, we first employ two public datasets to generate adversarial SQLi payloads, leading to a maximum attack success rate of 100% against state-of-the-art ML-based SQLi detectors. Furthermore, to demonstrate the immediate security threats caused by AdvSQLi, we evaluate the attack effectiveness against 7 WAF-as-a-service solutions from mainstream vendors and find that all of them are vulnerable to AdvSQLi. For instance, AdvSQLi achieves an attack success rate of over 79% against the F5 WAF. Through in-depth analysis of the evaluation results, we further distill several general yet severe flaws of these vendors that cannot be easily patched.
Cryptography and Security
What problem does this paper attempt to address?
The paper focuses on the security vulnerabilities of Web Application Firewall as a Service (WAF-as-a-service) and proposes an attack framework named AdvSQLi. The main goal of this framework is to generate adversarial SQL injection (SQLi) payloads that bypass existing WAF-as-a-service systems in a black-box setting. Specifically, the paper aims to address the following key issues:

1. **Security vulnerabilities of WAF-as-a-service**: With the development of cloud computing, WAF-as-a-service has become increasingly popular, but its potential security vulnerabilities remain largely unknown, posing a significant challenge to network defense.
2. **Automated assessment of WAF security**: There is currently no effective automated method to assess the actual security of WAFs, in particular their ability to defend against SQL injection attacks.
3. **Generation of adversarial SQL injection**: How to generate SQL injection payloads that keep their original malicious functionality while bypassing WAF detection.

To address these issues, the paper proposes the AdvSQLi framework, which achieves its goals through the following steps:

1. **Hierarchical tree representation of original SQLi payloads**: Representing the original SQLi payload as a hierarchical tree structure so that its different parts can be processed at a fine granularity.
2. **Weighted mutation strategy based on context-free grammar**: Using a context-free grammar (CFG) to generate a series of equivalent SQLi payloads that are functionally identical to the original payload but differ in form, with the aim of bypassing WAF detection.
3. **Monte Carlo Tree Search (MCTS)**: Employing the MCTS algorithm to efficiently explore the space of possible adversarial SQLi payloads and find the variants most likely to bypass the WAF.
Through the above methods, the paper aims to demonstrate that the AdvSQLi framework can effectively detect and understand the security vulnerabilities of WAF-as-a-service and help vendors improve the security of their products. Additionally, the paper conducts extensive experimental evaluations to verify the effectiveness and efficiency of AdvSQLi, including successful bypasses of mainstream WAF-as-a-service solutions.
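The premise of the attack, as summarised above, is that many surface forms share one meaning and a WAF that matches on the surface form misses the equivalent rewrites. The following added example (not code from the paper or from AdvSQLi) shows the detection-side counterpart: canonicalising a request parameter before signature matching so that constructed comment, whitespace and case variants of one payload collapse to a single form. It assumes these three rewrite classes are among the equivalence-preserving mutations the paper describes (the summary does not enumerate them) and covers only such surface rewrites, not grammar-level restructuring.

```python
import re

# Constructed sample payload and constructed equivalent rewrites (illustrative
# only, not AdvSQLi output). Each variant means the same thing to a typical
# SQL dialect as BASE but differs in surface form.
BASE = "' OR 1=1 -- "
VARIANTS = [
    "'/**/oR/**/1=1/**/-- ",   # inline comments used as whitespace, mixed case
    "'\tOr   1 = 1   -- ",     # tabs, repeated spaces, spaces around '='
    "' OR\n1=1 -- ",           # newline instead of a space
]

_COMMENT = re.compile(r"/\*.*?\*/", re.DOTALL)  # non-greedy: /* ... */ blocks
_WS = re.compile(r"\s+")                        # any run of whitespace
_EQ_WS = re.compile(r"\s*=\s*")                 # optional spaces around '='


def canonicalize(payload: str) -> str:
    """Map equivalent surface forms of a parameter to one canonical string."""
    s = _COMMENT.sub(" ", payload)  # a /* */ comment acts as whitespace in SQL
    s = _WS.sub(" ", s).strip()     # collapse tabs/newlines/runs of spaces
    s = _EQ_WS.sub("=", s)          # "1 = 1" -> "1=1"
    return s.lower()                # SQL keywords are case-insensitive


# A signature written against the raw request, as a naive filter would apply it.
NAIVE_RULES = [re.compile(r"' OR 1=1")]
# The same signature, written against the canonical form.
CANON_RULES = [re.compile(r"' or 1=1")]


def flags_raw(payload: str) -> bool:
    """Signature match on the untransformed parameter value."""
    return any(rule.search(payload) for rule in NAIVE_RULES)


def flags_canonical(payload: str) -> bool:
    """Signature match after canonicalisation."""
    canon = canonicalize(payload)
    return any(rule.search(canon) for rule in CANON_RULES)


def compare(payloads):
    """Return (payload, raw_hit, canonical_hit) for each input, for inspection."""
    return [(p, flags_raw(p), flags_canonical(p)) for p in payloads]


if __name__ == "__main__":
    for payload, raw_hit, canon_hit in compare([BASE, *VARIANTS, "O'Reilly"]):
        print(f"{payload!r:32} raw={raw_hit!s:5} canonical={canon_hit}")
```

Every variant canonicalises to the same string as BASE, so one rule written against the canonical form covers the whole equivalence class, while the raw-form rule fires only on BASE.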