Preventing SQL Code Injection by Combining Static and Runtime Analysis

Orso, Alessandro; Lee, Wenke; Shostack, Adam

doi:10.21236/ada482932

Cited by 1 publication

(1 citation statement)

References 26 publications

(13 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…By using the context of untrusted output string fragment and intercepted API calls, syntactic content inside is either escaped or the execution is prevented. The work in [27] has similar ideas where only strings originated from external source is considered to be untrusted and syntax evaluation is applied to those strings and the query will only execute if the pattern matching has positive result. The work in [28] prevents more general injection attacks through analyzing the parse tree of query strings.…”

Section: Related Workmentioning

confidence: 99%

Opportunistic Diversity-Based Detection of Injection Attacks in Web Applications

Qu¹,

Huo²,

Wang³

2018

ICST Transactions on Security and Safety

View full text Add to dashboard Cite

Web-based applications delivered using clouds are becoming increasingly popular due to less demand of client-side resources and easier maintenance than desktop counterparts. At the same time, larger attack surfaces and developers' lack of security proficiency or awareness leave Web applications particularly vulnerable to security attacks. On the other hand, diversity has long been considered as a viable approach to detecting security attacks since functionally similar but internally different variants of an application will likely respond to the same attack in different ways. However, most diversity-by-design approaches have met difficulties in practice due to the prohibitive cost in terms of both development and maintenance. In this work, we propose to employ opportunistic diversity inherent to Web applications and their database backends to detect injection attacks. We first conduct a case study of common vulnerabilities to confirm the potential of opportunistic diversity for detecting potential attacks. We then devise a multi-stage approach to examine features extracted from the database queries, their effect on the database, the query results, as well as the user-end results. Next, we combine the partial results obtained from different stages using a learning-based approach to further improve the detection accuracy. Finally, we evaluate our approach using a real world Web application.

show abstract

Section: Related Workmentioning

confidence: 99%