Title
Semi-Automated Verification of Defense against SQL Injection in Web Applications
Abstract
Recent reports reveal that the majority of attacks on Web applications are input manipulation attacks. SQL injection, in which malicious input is submitted to manipulate the database in a way that was unintended by the application's developers, is one such attack. This paper proposes an approach for assisting the code verification process for defenses against SQL injection. The approach extracts all such defenses implemented in code. With the use of the proposed approach, developers, testers or auditors can then check the defenses extracted from code to verify their adequacy. We have evaluated the feasibility, effectiveness, and usefulness of the proposed approach on a set of open-source systems. Our experimental results showed that the proposed approach is effective in extracting all the possible defenses implemented/adopted by Web applications. We observed that the proposed approach would be useful in identifying the false positive cases resulting from other related approaches and in auditing the code in order to fix the actual vulnerable cases.
Year: 2012
DOI: 10.1109/APSEC.2012.18
Venue: APSEC
Keywords: web applications, database, vulnerabilities, semi-automated verification, experiment result, actual vulnerable case, malicious input, software security, input manipulation attack, semiautomated defense verification, sql injection attack, code auditing, static analysis, internet, related approach, sql injection, web application, possible defenses, manipulation attack, formal verification, structured query language, security of data, code verification process, open source system
Field: Computer science, Software security assurance, Code injection, Static analysis, Web application security, Web application, SQL injection, Database, The Internet, Formal verification
DocType: Conference
Volume: 1
ISSN: 1530-1362
ISBN: 978-1-4673-4930-7
Citations: 0
PageRank: 0.34
References: 0
Authors: 3
Name
Order
Citations
PageRank
Kaiping Liu1135.33
Hee Beng Kuan Tan248945.05
Lwin Khin Shar318014.56