Behind an Application Firewall, Are We Safe from SQL Injection Attacks? - Citegraph

Paper Info

Title
Behind an Application Firewall, Are We Safe from SQL Injection Attacks?

Abstract
Web application firewalls are an indispensable layer to protect online systems from attacks. However, the fast pace at which new kinds of attacks appear and their sophistication require that firewalls be updated and tested regularly as otherwise they will be circumvented. In this paper, we focus our research on web application firewalls and SQL injection attacks. We present a machine learning-based testing approach to detect holes in firewalls that let SQL injection attacks bypass. At the beginning, the approach can automatically generate diverse attack payloads, which can be seeded into inputs of web- based applications, and then submit them to a system that is protected by a firewall. Incrementally learning from the tests that are blocked or passed by the firewall, our approach can then select tests that exhibit characteristics associated with bypassing the firewall and mutate them to efficiently generate new bypassing attacks. In the race against cyber attacks, time is vital. Being able to learn and anticipate more attacks that can circumvent a firewall in a timely manner is very important in order to quickly fix or fine-tune the firewall. We developed a tool that implements the approach and evaluated it on ModSecurity, a widely used application firewall. The results we obtained suggest a good performance and efficiency in detecting holes in the firewall that could let SQLi attacks go undetected.

Year	DOI	Venue
2015	10.1109/ICST.2015.7102581	Software Testing, Verification and Validation
Keywords	Field	DocType
internet,sql,firewalls,learning (artificial intelligence),modsecurity,sql injection attacks,sqli attacks,web application firewalls,bypassing attacks,cyber attacks,machine learning-based testing approach,online system protection,security testing,learning artificial intelligence,databases,security,sql injection,grammar,machine learning,servers,testing	SQL,Bastion host,Security testing,Firewall (construction),Computer science,Computer security,Application firewall,Context-based access control,Web application,SQL injection	Conference
ISSN	Citations	PageRank
2159-4848	10	0.56
References	Authors
14	3

Authors (3 rows)

Cited by (10 rows)

References (14 rows)

Name	Order	Citations	PageRank
Dennis Appelt	1	54	3.39
Cu D. Nguyen	2	224	14.19
Lionel C. Briand	3	8795	481.98

1