Xiaohu Yang,Yixi Chen,Wenyu Zhang,Shuai Zhang

DOI: https://doi.org/10.1007/s00170-010-2983-x

IF: 3.563

2010-01-01

The International Journal of Advanced Manufacturing Technology

Abstract:Security is one of the key challenges for the development of distributed collaborative manufacturing systems. Most of the access control models of collaborative systems cannot prevent illegal accesses to column/row levels of a database table, which could be caused by command injection. This paper firstly presents the possible injection attacks in RDBMS -based collaborative system on the Semantic Web and gives their classification. Based on this classification, the paper then describes an attempt at detecting command injections to the distributed collaborative manufacturing systems by comparing the inputs related nodes that are intended with the resulting parse tree in run time. To validate the proposed approach, a prototype system called “ SemGuard ” has been developed. By testing on two commonly used RDF databases and one real Semantic Web application, it shows that SemGuard is efficient, taking less than 10 ms overhead to protect the context information of a distributed collaborative manufacturing system.

Alex Zhu,Wei Qi Yan

DOI: https://doi.org/10.4018/ijdcf.2017100106

2017-01-01

International Journal of Digital Crime and Forensics

Abstract:SQLIA is adopted to attack websites with and without confidential information. Hackers utilized the compromised website as intermediate proxy to attack others for avoiding being committed of cyber-criminal and also enlarging the scale of Distributed Denial of Service Attack DDoS. The DDoS is that hackers maliciously turn down a website and make network resources unavailable to web users. It is extremely difficult to effectively detect and prevent SQLIA because hackers adopt various evading SQLIA Intrusion Detection System techniques. Victims may not be even aware of that their confidential data has been compromised for a long time. In this paper, our contribution is that we evaluate several most popular open source SQLIA tools and SQLIA prevention tools with both qualitative and quantitative assessments.

朱辉,沈明星,李善平

DOI: https://doi.org/10.3969/j.issn.1000-3428.2010.10.059

2010-01-01

Abstract:This paper studies the code injection vulnerabilities of Web application,modifies and expands the definition of this kind of vulnerabilities with summarizing and analyzing the features of them,and transforms the causes of vulnerabilities into two kinds of coding errors to present a new test method based on testing the two kinds of coding errors.Experimental result shows that the test method can test all the code injection vulnerabilities of Web application effectively with less test workload.

Xu Xiaotian,Si Guanlin,Li Min,Gao Ranxin,Chen-Jung Wei

DOI: https://doi.org/10.1109/ITAIC54216.2022.9836786

2022-06-17

Abstract:In view of the risk of SQL injection attack faced by the Web system, this paper proposes a SQL injection attack detection mechanism based on triangle module operator. The method uses the analysis results of web logs and user input as fusion operators to judge whether an attack occurs. At the same time, for the defense against SQL injection attack, this paper believes that the source code vulnerability testing, penetration testing and security configuration verification should be conducted before the Web system goes online, therefore it can improve the security of the information system.

Computer Science

Muhammad Saidu Aliero,Imran Ghani,Kashif Naseer Qureshi,Mohd Fo’ad Rohani

DOI: https://doi.org/10.1007/s12652-019-01235-z

IF: 3.662

2019-02-07

Journal of Ambient Intelligence and Humanized Computing

Abstract:SQL Injection Attack (SQLIA) is one of the most severe attack that can be used against web database-driven applications. Attackers use SQLIA to obtain unauthorized access and perform unauthorized data modifications due to initial improper input validation by the web application developer. Various studies have shown that, on average, 64% of web applications worldwide are vulnerable to SQLIA due to improper input. To mitigate the devastating problem of SQLIA, this research proposes an automatic black box testing for SQL Injection Vulnerability (SQLIV). This acts to automate an SQLIV assessment in SQLIA. In addition, recent studies have shown that there is a need for improving the effectiveness of existing SQLIVS in order to reduce the cost of manual inspection of vulnerabilities and the risk of being attacked due to inaccurate false negative and false positive results. This research focuses on improving the effectiveness of SQLIVS by proposing an object-oriented approach in its development in order to help and minimize the incidence of false positive and false negative results, as well as to provide room for improving a proposed scanner by potential researchers. To test and validate the accuracy of research work, three vulnerable web applications were developed. Each possesses a different type of vulnerabilities and an experimental evaluation was used to validate the proposed scanner. In addition, an analytical evaluation is used to compare the proposed scanner with the existing academic scanners. The result of the experimental analysis shows significant improvement by achieving high accuracy compared to existing studies. Similarly, the analytical evaluations showed that the proposed scanner is capable of analyzing attacked page response using four different techniques.

computer science, information systems,telecommunications, artificial intelligence

Ding Chen,Qiseng Yan,Chunwang Wu,Jun Zhao

DOI: https://doi.org/10.1088/1742-6596/1757/1/012055

2021-01-01

Journal of Physics: Conference Series

Abstract:Abstract Web application brings us convenience but also has some potential security problems. SQL injection attacks topped the list of Top 10 Network Security Problems released by OWASP, and the detection technology of SQL injection attacks has been one of the hotspots of network security research. In this paper, we propose a SQL injection detection method that does not rely on background rule base by using a natural language processing model and deep learning framework on the basis of comprehensive domestic and international research. The method can improve the accuracy and reduce the false alarm rate while allowing the machine to automatically learn the language model features of SQL injection attacks, greatly reducing human intervention and providing some defense against 0day attacks that never occur.

lei xue,yangyang liu,tianqi li,kaifa zhao,jianfeng li,le yu,xiapu luo,yajin zhou,guofei gu

2022-01-01

Abstract:Modern vehicles are equipped with many ECUs (Electronic Control Unit) that are connected to the IVN (In-Vehicle Network) for controlling the vehicles. Meanwhile, various interfaces of vehicles, such as OBD-II port, T-Box, sensors, and telematics, implement the interaction between the IVN and external environment. Although rich value-added functionalities can be provided through these interfaces, such as diagnostics and OTA (Over The Air) updates, the adversary may also inject malicious data into IVN, thus causing severe safety issues. Even worse, existing defense approaches mainly focus on detecting the injection attacks launched from IVN, such as malicious/compromised ECUs, by analyzing CAN frames, and cannot defend against the higher layer MIAs (Message Injection Attacks) that can cause abnormal vehicle dynamics. In this paper, we propose a new state-aware abnormal message injection attack defense approach, named SAID. It detects the abnormal data to be injected into IVN by considering the data semantics and the vehicle dynamics and prevents the MIAs launched from devices connected to the vehicles, such as the compromised diagnostic tools and T-boxes. We develop a prototype of SAID for defending against MIAs and evaluate it using both real road data and simulation data. The experimental results show that SAID can defend against more than 99% of the network and service layer attack traffic and all state layer MIAs, effectively enforcing the safety of vehicles.

Asish Kumar Dalai,Sanjay Kumar Jena

DOI: https://doi.org/10.1155/2017/3825373

IF: 1.968

2017-01-01

Security and Communication Networks

Abstract:Reports on web application security risks show that SQL injection is the top most vulnerability. The journey of static to dynamic web pages leads to the use of database in web applications. Due to the lack of secure coding techniques, SQL injection vulnerability prevails in a large set of web applications. A successful SQL injection attack imposes a serious threat to the database, web application, and the entire web server. In this article, the authors have proposed a novel method for prevention of SQL injection attack. The classification of SQL injection attacks has been done based on the methods used to exploit this vulnerability. The proposed method proves to be efficient in the context of its ability to prevent all types of SQL injection attacks. Some popular SQL injection attack tools and web application security datasets have been used to validate the model. The results obtained are promising with a high accuracy rate for detection of SQL injection attack.

computer science, information systems,telecommunications

Yongzhen Li,Gaolong Wang

DOI: https://doi.org/10.1109/ISAIEE57420.2022.00089

2022-12-01

Abstract:With the rapid development of the internet in China, we are dealing with web sites all the time, but with this comes the increasing vulnerability of various web applications. The vulnerability of web applications can be used to steal information, account theft and fraud, threatening the security of web applications. Therefore, the security detection of web applications is particularly important. This paper introduces the background of today's web application scanning technology, analyses the importance of securing web sites, and focuses on the history and future development trends of web application vulnerability scanning at home and abroad. The system is based on the OWASP Top 10 vulnerabilities of SQL injection and XSS, which have a large impact. By analysing the risks and principles of these two vulnerabilities, a scanning system is designed to run on the Windows platform.

Computer Science

Muhammad Saidu Aliero,Kashif Naseer Qureshi,Muhammad Fermi Pasha,Awais Ahmad,Gwanggil Jeon

DOI: https://doi.org/10.1002/cpe.5936

2020-07-22

Concurrency and Computation: Practice and Experience

Abstract:<p>Structure Query Language Injection Attack is among the top 10‐security threats that can be used on the web application to cause severe damage or gain unauthorized data access to the application server. Many reports have indicated an average of 64% of global websites are at risk of being attack by SQL injection, and many of the top companies have experienced thousands of attacks attempts through SQL injection. The current trend shows the increasing number of attacks factor as a result of the daily deployment of these applications without security detection and prevention mechanism is placed. To overcome this challenge, researches in academia and industry presented a proposal that automates SQL injection vulnerabilities assessment on the tested application. Current studies show the need to enhance techniques of these proposals to reduce the false alarms. In this study, we propose a component‐based technique to minimize the incidence of inaccurate results, as well as enable the ease of improving the proposed solution. The study uses three costumed applications as tested to evaluate the accuracy of the proposed solution. Each of these testbed consists of several vulnerabilities where the experimental evaluation performs to test the proposed tool. An empirical evaluation is carried out on three vulnerable custom websites to evaluate the effectiveness of the proposed study. The experiment results indicated significant results in terms of high accuracy. On the other hand, the proposed solution also has better capabilities to analyze page response based on four different techniques. Moreover, the proposed solution is the only solution that performs stored procedure attacks SQL and bypass login authentication even if the returned records are limited restriction is applied.</p>

DING Xiang,QIU Yin,ZHENG Tao

DOI: https://doi.org/10.3969/j.issn.1000.3842.2011.11.052

2011-01-01

Abstract:The wide-spread use of PHP in Web application development makes PHP Web application become the target of many malicious attackers.On the basis of this,through the modification of PHP interpreter and runtime libraries,the PHP Web applications can prevent SQL injection attack without the modification of the original applications.Different from traditional preventing method based on dynamic tainting,this paper uses the tainting mechanism based on trusted input tainting and SQL dialect-aware check method,solves many existing problems of traditional preventing methods.As a result,this method improves the preciseness of traditional preventing method,without any false positives.Experimental result shows that the method is precise and highly efficient,has little overhead for the PHP Web applications.

SUN Yi,HU Yu-ji,HUANG Hao

DOI: https://doi.org/10.3969/j.issn.1001-3695.2010.09.088

2010-01-01

Abstract:SQL injection attacks pose a serious threat to the security of Web applications because they can give attackers unrestricted access to databases that contain sensitive information. This paper proposed a new method based on sequence alignment for protecting existing Web applications against SQL injection. Elaborated implementation and detection pattern with sequence alignment algorithm in detail. Finally analyzed and tested the correctness and performance of the method. Experimental results show that this method is simple and effective.

Jingyuan Sheng

DOI: https://doi.org/10.1155/2022/6207275

2022-07-30

Mobile Information Systems

Abstract:In the process of SQL injection attack and defense of power dispatching data network, in order to ensure the accuracy of identification and defense, it is often necessary to build a rule base. However, the scale of the temporarily constructed rule base is limited, which is easy to cause false positives and omissions. Based on the traditional defense, data mining technology is introduced to design a SQL injection attack and defense technology for power dispatching data network. First, the SQL injection attack is analyzed, and the attack flow diagram is obtained as the basis of attack identification. Using the ITFIDF algorithm in data mining technology, combined with the dataset distribution diagram of conventional words and sensitive characters, the SQL injection attack is detected. Design the SQL injection attack early warning mechanism, establish the SQL injection attack defense model, and optimize the workflow of the defense model. The performance test results show that compared with the traditional defense technology, the proposed technology has certain advantages in false alarm rate and running time.

computer science, information systems,telecommunications

George S. Oreku

DOI: https://doi.org/10.9734/ajrcos/2022/v14i4304

2022-12-17

Asian Journal of Research in Computer Science

Abstract:SQL injection attack is one of the most serious security vulnerabilities in many Databases Managements systems. Most of these vulnerabilities are caused by lack of input validation and SQL parameters used particularity at this time of technology revolution. The results of a SQL injection attack (SQLIA) are unpleasant because the attacker could wipe the entire contents of the victim's database or shut it down. As such, SQLIA can be used as important weapons in cyber warfare. As an attempt of breaching of number of application data bases systems two SQL injection techniques were used to successful locating vulnerable points during this research which are Blind Text Injection Differential and Error based Exploitation. The motivations behind were to find out where the databases systems are most likely to face an attack and proactively shore up those weaknesses before exploitation by hackers. The success of both techniques is a result of poor web server (online database server) design especially in the selection of error messages (or answers) they display to website users if something goes wrong. The approach through examination of error messages (error codes) did enable to precisely know the backend Database Management System (DBMS) type and version and what exactly are parameters (variables) which can allow “illegally” injecting codes (a SQL query). Additionally, the paper presents SQLIA cases and their impact in Tanzania cyber space as well as it suggests the possible mitigation ways while reflecting the collected data with what currently existing in cyberworld as far as SQL injection attack is concern to present the reality.

Swapnil Kharche,Jagdish patil,Kanchan Gohad,Bharti Ambetkar

DOI: https://doi.org/10.48550/arXiv.1504.06920

2015-04-27

Abstract:SQL injection attacks, a class of injection flaw in which specially crafted input strings leads to illegal queries to databases, are one of the topmost threats to web applications. A Number of research prototypes and commercial products that maintain the queries structure in web applications have been developed. But these techniques either fail to address the full scope of the problem or have limitations. Based on our observation that the injected string in a SQL injection attack is interpreted differently on different <a class="link-external link-http" href="http://databases.Injection" rel="external noopener nofollow">this http URL</a> attack is a method that can inject any kind of malicious string or anomaly string on the original string. Pattern matching is a technique that can be used to identify or detect any anomaly packet from a sequential action. Most of the pattern based techniques are used static analysis and patterns are generated from the attacked statements. In this paper, we proposed a detection and prevention technique for preventing SQL Injection Attack using AhoCorasick pattern matching algorithm. In this paper, we proposed an overview of the architecture. In the initial stage evaluation, we consider some sample of standard attack patterns and it shows that the proposed algorithm is works well against the SQL Injection Attack.

Databases,Cryptography and Security

Qing Wang,Qinghua Zheng,Xiaohong Guan,Zhefei Zhang

DOI: https://doi.org/10.3321/j.issn:0253-987X.2007.04.013

2007-01-01

Abstract:Based on reverse deduction with proof-tree, a method for detecting SQL injection vulnerabilities which are ubiquitous in Web applications is presented. Differing from traditional real time security strategies such as IDS and firewall, the origin of producing attack can be found by directly mining source codes vulnerabilities. The essentials are to track reversely the variables that are related to database (DB) script operations and check whether they are influenced from outside so as to control the hidden damage existing in the DB operations. The experimental results show that the proposed method can accurately verify the security of 53. 8% DB operations, and it is applicable for any type of Web application platforms configured with different script languages and database systems.

Zhang Huilin,Ding Yu,Zhang Lihua,Duan Lei,Zhang Chao,Wei Tao,Li Guancheng,Han Xinhui

DOI: https://doi.org/10.7544/issn1000-1239.2016.20160443

2016-01-01

Abstract:SQL injection attacks are prevalent Web threats .Researchers have proposed many taint analysis solutions to defeat this type of attacks ,but few are efficient and practical to deploy .In this paper ,we propose a practical and accurate SQL injection prevention method by tainting trusted sensitive characters into extended UTF‐8 encodings .Unlike typical positive taint analysis solutions that taint all characters in hard‐coded strings written by the developer ,we only taint the trusted sensitive characters in these hard‐coded strings .Furthermore ,rather than modifying Web application interpreter to track taint information in extra memories ,we encode the taint metadata into the bytes of trusted sensitive characters ,by utilizing the characteristics of UTF‐8 encoding .Lastly ,we identify and escape untrusted sensitive characters in SQL statements to prevent SQL injection attacks ,without parsing the SQL statements .A prototype called PHPGate is implemented as an extension on the PHP Zend engine .The evaluation results show that PHPGate can protect Web applications from real world SQL injection attacks and introduce a low performance overhead (less than 1 .6% ) .

Jiao Ma,Kun Chai,Yao Xiao,Tian Lan,Wei Huang

DOI: https://doi.org/10.1109/icm.2011.287

2011-09-01

Abstract:In order to solve the problems that IDSs and firewalls cannot efficiently detect new SQL injection and too much time is wasted when the security personnel reads log files to analyze attacks, we proposed and implemented a high-interaction web honeypot system for SQL injection analysis. By (i)modifying PHP extension for MySQL to intercept database requests and (ii)adopting exception based and signature based detection techniques, the system can generate the corresponding attack graphs to solve problems above. For illustration, SQL injection attack examples are utilized to show the performance of the honeypot system. The results show that the honeypot system can intercept all database requests and increase the efficiency of SQL injection analysis with the attack graphs. This system provides an efficient and timely detection on the new SQL injection and helps security personnel quickly analyzing the new SQL injection with the attack graph.

Ye Du,Jiqiang Liu,Jieyuan Li,Cheng Li

DOI: https://doi.org/10.1115/1.802977.paper187

2009-01-01

Abstract:Based on the analysis of several kinds of methods generally used to intercept network packets in different layers, a NDIS intermediate driver-based defense mechanism for SQL injection attack is proposed, and the structure is designed. The system is composed of NDIS-based data package capture module, SQL injection attack detection module and rules base. Characteristics of every entity are discussed in detail. Finally, experiments results show that the system can detect SQL injection attacks and intercept malicious packets effectively.

Li Siyi

DOI: https://doi.org/10.1109/APCT58752.2023.00009

2023-01-01

Abstract:Currently, methods to prevent common high-risk Web intrusion technologies such as SQL injection, XSS cross-site scripting, Webshell, etc., include precompiled SQL statements, Httponly, feature matching, regular filtering, global filtering of user input, etc. However, based on traditional intrusion detection models, complex Web intrusion technologies cannot be effectively identified. High false alarm rate, poor timeliness and other problems. Therefore, a one-layer RBM structure training model for common high-risk Web intrusion detection techniques is proposed in this paper, and the effectiveness and superiority of the proposed model are verified by experiments. It only needs to analyze and extract the required features of the model, and these features can be input into the model to detect the attack behavior in real time. The attack characteristics of these intrusion techniques are analyzed and the requests obtained from the URL are used as training data, including the SQL injection data set obtained by Tamper injection in the secondary development of SQLMAP. The deep Belief network (DBN) model is used to train the selected features and the collected sample data. Finally, an optimal model of SQL injection, XSS cross-site scripting, Webshell attack can be recognized, and real-time detection can be realized online.

Computer Science