Analysis & Detection of SQL Injection Vulnerabilities via Automatic Test Case Generation of Programs

Michelle Ruse, Tanmoy Sarkar, Samik Basu
Published in: 2010 10th IEEE/IPSJ International Symposium on Applications and the Internet
Publication date: 2010-07-19
DOI: 10.1109/SAINT.2010.60 (https://doi.org/10.1109/SAINT.2010.60)
Citations: 50

Abstract

SQL injection attacks occur due to vulnerabilities in the design of queries where a malicious user can take advantage of input opportunities to insert code in the queries that modify the query-conditions resulting in unauthorized database access. We provide a novel technique to identify the possibilities of such attacks. The central theme of our technique is based on automatically developing a model for a SQL query such that the model captures the dependencies between various components (sub-queries) of the query. We, then, analyze the model using CREST test-case generator and identify the conditions under which the query corresponding to the model is deemed vulnerable. We further analyze the obtained condition-set to identify its subset; this subset being referred to as the causal set of the vulnerability. Our technique considers the semantics of the query conditions, i.e., the relationship between the conditions, and as such complements the existing techniques which only rely on syntactic structure of the SQL query. In short, our technique can detect vulnerabilities in nested SQL queries, and can provide results with no false positives or false negatives when compared to the existing techniques.