Alex Zhu,Wei Qi Yan

DOI: https://doi.org/10.4018/ijdcf.2017100106

2017-01-01

International Journal of Digital Crime and Forensics

Abstract:SQLIA is adopted to attack websites with and without confidential information. Hackers utilized the compromised website as intermediate proxy to attack others for avoiding being committed of cyber-criminal and also enlarging the scale of Distributed Denial of Service Attack DDoS. The DDoS is that hackers maliciously turn down a website and make network resources unavailable to web users. It is extremely difficult to effectively detect and prevent SQLIA because hackers adopt various evading SQLIA Intrusion Detection System techniques. Victims may not be even aware of that their confidential data has been compromised for a long time. In this paper, our contribution is that we evaluate several most popular open source SQLIA tools and SQLIA prevention tools with both qualitative and quantitative assessments.

Yonghee Shin,Laurie Williams,Tao Xie

2006-01-01

Abstract:This paper proposes an approach to facilitate the identification of actual input manipulation vulnerabilities via automated testing based on static analysis. We implemented a prototype of a SQL injection vulnerability detection tool, SQLUnitGen, which we compared to a static analysis tool, FindBugs. The evaluation results show that our approach can be used to locate precise vulnerable locations of source code and help to identify false positives that are caused by static analysis tools.

ZHOU Jing-Li,WANG Xiao-Feng,YU Sheng-Sheng,XIA Hong-Tao

DOI: https://doi.org/10.3969/j.issn.1002-137X.2006.11.019

2006-01-01

Computer Science

Abstract:SQL injection, which is a popular and easy to carry out method of remote attacks, poses a major thread to application level security. In this paper, we introduce Pre-analysis of SQL syntax, a fire-new policy to detect and prevent SQL injection attacks. First, all SQL injection attacks are categorized into some classes and for each class a specified syntagma is abstracted and recorded. Then, the user input is picked up and embedded into prepared SQL sentences. Finally, these embedded SQL sentences are syntactically checked. Any find of underlying syntagma recorded as SQL injection tells a SQL injection attack. The implementation of new policy needs neither modification to Web program codes nor any patch to software of server platform. Experiments prove that new policy provides close to perfect detection rate and avoids the conflict between low false positive rate and low false negative rate.

Ying ZHOU,Yong FANG,Cheng HUANG,Liang LIU

DOI: https://doi.org/10.11772/j.issn.1001-9081.2017071692

2018-01-01

Journal of Computer Applications

Abstract:The SQL (Structured Query Language) injection attack is a threat to Web applications.Aiming at SQL injection behaviors in PHP (Hypertext Preprocessor) applications,a model of detecting SQL injection behaviors based on tainting technology was proposed.Firstly,an SQL statement was obtained when an SQL function was executed,and the identity information of the attacker was recorded through PHP extension technology.Based on the above information,the request log was generated and used as the analysis source.Secondly,the SQL parsing process with taint marking was achieved based on SQL grammar analysis and abstract syntax tree.By using tainting technology,multiple features which reflected SQL injection behaviors were extracted.Finally,the random forest algorithm was used to identify malicious SQL requests.The experimental results indicate that the proposed model gets a high accuracy of 96.9％,which is 7.2 percentage points higher than that of regular matching detection technology.The information acquisition module of the proposed model can be loaded in an extended form in any PHP application;therefore,it is transplantable and applicable in security audit and attack traceability.

Jianjun Yang

2012-01-01

Abstract:Programmers fail to judge the legitimacy of the user input data when they write code.In that case,the user can submit a database query code,according to the results of the program returns to get some data he would like to know.This paper introduces the principle and SQL injection vulnerability checking methods,attempts at source level on the SQL injection principle and scanning method for deep analysis,puts forward two kinds of SQL injection prevention solution.

Ding Chen,Qiseng Yan,Chunwang Wu,Jun Zhao

DOI: https://doi.org/10.1088/1742-6596/1757/1/012055

2021-01-01

Journal of Physics: Conference Series

Abstract:Abstract Web application brings us convenience but also has some potential security problems. SQL injection attacks topped the list of Top 10 Network Security Problems released by OWASP, and the detection technology of SQL injection attacks has been one of the hotspots of network security research. In this paper, we propose a SQL injection detection method that does not rely on background rule base by using a natural language processing model and deep learning framework on the basis of comprehensive domestic and international research. The method can improve the accuracy and reduce the false alarm rate while allowing the machine to automatically learn the language model features of SQL injection attacks, greatly reducing human intervention and providing some defense against 0day attacks that never occur.

Yan Zhu,Guidong Zhang,Zhiquan Lai,Boya Niu,Yongjun Shen

DOI: https://doi.org/10.1007/978-3-319-61542-4_27

2018-01-01

Abstract:SQL injection attacks (SQLIA) is one of the topmost threats affects business operations at present. Aho-Corasick (AC) multi-pattern matching algorithm combined with static analysis and dynamic tectonic attack mode to detect and prevent SQL injection attacks effectively. However, for the database, we can also detect and prevent SQL injection with the concept of access to database users and roles. In this paper, we analyze the existing methods of detecting and preventing SQL injection. Besides we extend the traditional AC multi-pattern matching algorithm and propose a two-tiered defence of techniques-the first tier is the fine-grained role-based access control (RBAC) model and the second tier is an extended AC multi-pattern matching algorithm, which improve the detection efficiency and reduce the SQL statement detection time.

Xu Xiaotian,Si Guanlin,Li Min,Gao Ranxin,Chen-Jung Wei

DOI: https://doi.org/10.1109/ITAIC54216.2022.9836786

2022-06-17

Abstract:In view of the risk of SQL injection attack faced by the Web system, this paper proposes a SQL injection attack detection mechanism based on triangle module operator. The method uses the analysis results of web logs and user input as fusion operators to judge whether an attack occurs. At the same time, for the defense against SQL injection attack, this paper believes that the source code vulnerability testing, penetration testing and security configuration verification should be conducted before the Web system goes online, therefore it can improve the security of the information system.

Computer Science

LIAN Kunmei,XU Jing,TIAN Wei,ZHANG Ying

DOI: https://doi.org/10.3778/j.issn.1673-9418.2011.05.010

2011-01-01

Abstract:On the basis of an in-depth analysis of characteristics of SQL(structured query language) injection attacks and defense mechanisms related to SQL injection vulnerability,this paper grades the SQL injection vulnerability according to the level of defense degree,and takes the vulnerability grading as the basis for the equivalence partitioning of SQL injection fuzz testing case.After the optimized choice of SQL injection parameters,it detects the SQL injection vulnerabilities of target Web system initiatively and effectively by imitating hacker attacks,which makes the detection more target-oriented.The equivalence partition of SQL injection parameters ensures the completeness and no redundancy of fuzz testing.

ZHAO Yu-fei,XIONG Gang,HE Long-tao,LI Zhou-jun

DOI: https://doi.org/10.11959/j.issn.1000-436x.2016034

2016-01-01

Abstract:SQL injection attack is one of the main threats that many Web applications faced with. The traditional detection method depended on the clients or servers. Firstly the process of SQL injection attack was analyzed, and then the differences between attack traffic and normal traffic HTTP request length, HTTP connections and feature string were discovered. Based on the request length, request frequency and feature string, a new method, LFF (length-frequency-feature), was proposed to detect SQL injection behaviors from network traffic. The results of experiments indicated that in simulation environments the recall of LFF approach reach up to 95%, and in real network traffic the LFF approach also get a good detection result.

Juanjuan Zhao,Changhua Liu

DOI: https://doi.org/10.1088/1742-6596/1575/1/012094

2020-06-01

Journal of Physics: Conference Series

Abstract:Abstract According to the “Top Ten Security Vulnerabilities List” (OWASPTop 10) released by OWASP in 2017, SQL injection attacks are still at the top of the list, and there are many ways of SQL injection attacks, which cause great harm. Although there are many vulnerability scanning tools, there is still a high rate of false negatives. Aiming at the current problems of SQL injection vulnerability detection, this paper proposes a scanning tool for SQL injection vulnerabilities. First, use the crawler framework scrapy to obtain the URL associated with the form and the a tag, and segment the URL based on the improved simhash algorithm. Deduplicate the link, then analyze the injection point to modify the URL parameter value injection test, and determine whether there is a vulnerability based on the response result of the server. The experimental results show that the detection method achieves a 96.50% URL deduplication rate in the crawler module, which greatly reduces the rate of false negatives. It is more suitable for detecting whether a website has a SQL injection vulnerability.

Yi Wang,Zhoujun Li

DOI: https://doi.org/10.1007/978-3-642-34883-9_21

2012-01-01

Abstract:Database systems are indispensable in modern web applications in order to process and store business information. Due to the contained valuable information, these systems are highly interesting to hackers and their diverse and enormous amount of attacks severely undermine the effectiveness of classical signature-based detection. In this work we propose a novel hybrid approach for learning SQL statements with program tracing techniques in order to detect malicious behavior between the database and application. The approach incorporates the program trace hashing technique and tree structure of SQL queries as well as query name similarity as characteristic to distinguish malicious from benign queries. An prototype learning system integrated in PHP is demonstrated to show the usefulness of our approach on real-world application.

Benjamin Appiah,Eugene Opoku-Mensah,Zhiguang Qin

DOI: https://doi.org/10.1109/icsess.2017.8342983

2017-01-01

Abstract:Web-Based applications are becoming more increasingly technically complex and sophisticated. The very nature of their feature-rich design and their capability to collate, process, and disseminate information over the Internet or from within an intranet makes them a popular target for attack. According to Open Web Application Security Project (OWASP) Top Ten Cheat sheet-2017, SQL Injection Attack is at peak among online attacks. This can be attributed primarily to lack of awareness on software security. Developing effective SQL injection detection approaches has been a challenge in spite of extensive research in this area. In this paper, we propose a signature based SQL injection attack detection framework by integrating fingerprinting method and Pattern Matching to distinguish genuine SQL queries from malicious queries. Our framework monitors SQL queries to the database and compares them against a dataset of signatures from known SQL injection attacks. If the fingerprint method cannot determine the legitimacy of query alone, then the Aho Corasick algorithm is invoked to ascertain whether attack signatures appear in the queries. The initial experimental results of our framework indicate the approach can identify wide variety of SQL injection attacks with negligible impact on performance.

Cao Tian-jie

2009-01-01

Abstract:SQL Injection is a Familiar loophole of Web System,using this loophole,the attacker could directly access the database and could led to great hidden troubles.In this paper, the def inition,principle and injection technology were expounded,we advanced prevention measures from different point of views, and the users could establish their own policies, so the security of the system is improved.

Long Zhang,Donghong Zhang,Chenghong Wang,Jing Zhao,Zhenyu Zhang

DOI: https://doi.org/10.1109/TR.2019.2910285

IF: 5.883

2019-01-01

IEEE Transactions on Reliability

Abstract:SQL injection (SQLi) is one of the chief threats to the security of database-driven Web applications. It can cause serious security issues such as authentication bypassing, privacy leakage, and arbitrary code execution. Dynamic testing techniques are used in SQLi vulnerability discovery, which de-facto approach is to maintain a collection of elaborately designed user inputs (aka. attack payloads) and based on it to compose malicious SQL queries to Web applications. Such techniques are effective to reveal SQLi threats before an application is released, thus reducing the cost of manual analysis, monitoring or postdeployment of other defensive mechanisms. However, because of the diversity of SQLi attacks and the difficulty of SQLi discovery, the process to execute payloads can be costly, time-consuming, and even risky. In this paper, we approach from a test case prioritization perspective to give a more effective SQLi discovery proposal, which is based on adaptive random testing with the aim to successfully trigger an SQLi within limited attempts. To evaluate our method, we conduct an experiment using three extensively adopted open source vulnerable benchmarks. The experiment results indicate that our method ART4SQLi can effectively improve the conventional random testing approach on three common benchmarks by more than 26% in reducing the number of SQLi attempts before accomplishing a successful injection.

Yonghee Shin,L. Williams,Tao Xie

2006-01-01

Abstract:More than half of all of the vulnerabilities reported can be classified as input manipulation, such as SQL injection, cross site scripting, and buffer overflows. Increasingly, automated static analysis tools are being used to identify input manipulation vulnerabilities. However, these tools cannot detect the presence or the effectiveness of black or white list input filters and, therefore, may have a high false positive rate. Our research objective is to facilitate the identification of true input manipulation vulnerabilities via the combination of static analysis, runtime detection, and automatic testing. We propose an approach for SQL injection vulnerability detection, automated by a prototype tool SQLUnitGen. We performed case studies on two small web applications for the evaluation of our approach compared to static analysis for identifying true SQL injection vulnerabilities. In our case study, SQLUnitGen had no false positives, but had a small number of false negatives while the static analysis tool had a false positive for every vulnerability that was actually protected by a white or black list. Future work will focus on removing false negatives from SQLUnitGen and at generalizing the approach for other types of input manipulation vulnerabilities.

Muhammad Saidu Aliero,Kashif Naseer Qureshi,Muhammad Fermi Pasha,Awais Ahmad,Gwanggil Jeon

DOI: https://doi.org/10.1002/cpe.5936

2020-07-22

Concurrency and Computation: Practice and Experience

Abstract:<p>Structure Query Language Injection Attack is among the top 10‐security threats that can be used on the web application to cause severe damage or gain unauthorized data access to the application server. Many reports have indicated an average of 64% of global websites are at risk of being attack by SQL injection, and many of the top companies have experienced thousands of attacks attempts through SQL injection. The current trend shows the increasing number of attacks factor as a result of the daily deployment of these applications without security detection and prevention mechanism is placed. To overcome this challenge, researches in academia and industry presented a proposal that automates SQL injection vulnerabilities assessment on the tested application. Current studies show the need to enhance techniques of these proposals to reduce the false alarms. In this study, we propose a component‐based technique to minimize the incidence of inaccurate results, as well as enable the ease of improving the proposed solution. The study uses three costumed applications as tested to evaluate the accuracy of the proposed solution. Each of these testbed consists of several vulnerabilities where the experimental evaluation performs to test the proposed tool. An empirical evaluation is carried out on three vulnerable custom websites to evaluate the effectiveness of the proposed study. The experiment results indicated significant results in terms of high accuracy. On the other hand, the proposed solution also has better capabilities to analyze page response based on four different techniques. Moreover, the proposed solution is the only solution that performs stored procedure attacks SQL and bypass login authentication even if the returned records are limited restriction is applied.</p>

Asish Kumar Dalai,Sanjay Kumar Jena

DOI: https://doi.org/10.1155/2017/3825373

IF: 1.968

2017-01-01

Security and Communication Networks

Abstract:Reports on web application security risks show that SQL injection is the top most vulnerability. The journey of static to dynamic web pages leads to the use of database in web applications. Due to the lack of secure coding techniques, SQL injection vulnerability prevails in a large set of web applications. A successful SQL injection attack imposes a serious threat to the database, web application, and the entire web server. In this article, the authors have proposed a novel method for prevention of SQL injection attack. The classification of SQL injection attacks has been done based on the methods used to exploit this vulnerability. The proposed method proves to be efficient in the context of its ability to prevent all types of SQL injection attacks. Some popular SQL injection attack tools and web application security datasets have been used to validate the model. The results obtained are promising with a high accuracy rate for detection of SQL injection attack.

computer science, information systems,telecommunications

Xin Xie,Chunhui Ren,Yusheng Fu,Jie Xu,Jinhong Guo

DOI: https://doi.org/10.1109/access.2019.2947527

IF: 3.9

2019-01-01

IEEE Access

Abstract:An enterprise's data can be one of its most important assets and often critical to the firm's development and survival. SQL injection attack is ranked first in the top ten risks to network applications by the Open Web Application Security Project (OWASP). Its harmfulness, universality, and severe situation are self-evident. This paper presents a method of SQL injection detection based on Elastic-Pooling CNN (EP-CNN) and compares it with traditional detection methods. This method can output a fixed two-dimensional matrix without truncating data and effectively detects the SQL injection of web applications. Based on the irregular matching characteristics, it can identify new attacks and is harder to bypass.

ZHANG Heng-zhi,XUE Zhi

DOI: https://doi.org/10.3969/j.issn.1009-2552.2011.11.015

2011-01-01

Abstract:Nowadays Web application is very familiar to everyone,everybody is taking advantage of it.Web shopping,gain information,browse website,Internet banking and so on.It’s obvious that modern life can’t live without Web applications.But with the convenience which Web applications brought us,the network security problems are increasing,too.SQL injection is one of the most critical loophole.Because of SQL injection attack method is easy to learn,and its success rate is pretty high,SQL injection becomes one of the major method for hackers to attack Web applications.This article shows how SQL injection attacks,and gives several ways to avoid these kinds of attacks though programming.