Attack Model Based Penetration Test for SQL Injection Vulnerability

Tian, Wei; Yang, Jufeng; Xu, Jing; Si, Guannan

doi:10.1109/compsacw.2012.108

Cited by 21 publications

(11 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In "SQL Injection Attack and Defense", whitelist validation and blacklist validation are two different types of input validation methods to defend against SQL injection [6]. Penetration testing can make up for the deficiencies of blacklist and whitelist filtering defense mechanisms, but it cannot fundamentally solve the deficiencies [7]. Halfond and Orso [8] developed a tool, AMNESIA, based on traditional blacklisting techniques, implementing a combined dynamic and static approach, which in its static part automatically constructs a model of legitimate queries that can be generated by the application.…”

Section: Sql Injection Detection Methodsmentioning

confidence: 99%

“…(6) Time blind injection: it mainly refers to inserting a time delay function in the URL or user input to determine whether the injection is successful by observing whether there is a delay in the web application's response. (7) Multistatement attack: this attack generally uses query separators to add additional queries to the original query to extract, add, and modify data or execute remote commands. e DBMS receives multiple SQL queries, the first is the normal execution of the query, and the subsequent queries are executed to meet the attack.…”

Section: Sql Injection Statementsmentioning

confidence: 99%

See 1 more Smart Citation

Deep Neural Network-Based SQL Injection Detection Method

Zhang

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

Among the network security problems, SQL injection is a common and challenging network attack means, which can cause inestimable loop-breaking and loss to the database, and how to detect SQL injection statements is one of the current research hotspots. Based on the data characteristics of SQL statements, a deep neural network-based SQL injection detection model and algorithm are built. The core method is to convert the data into word vector form by word pause method, then form a sparse matrix and pass it into the model for training, build a multihidden layer deep neural network model containing ReLU function, optimize the traditional loss function, and introduce Dropout method to improve the generalization ability of this model. The accuracy of the final model is maintained at over 96%. By comparing the experimental results with traditional machine learning algorithms and LSTM algorithms, the proposed algorithm effectively solves the problems of overfitting in machine learning and the need for manual screening to extract features, which greatly improves the accuracy of SQL injection detection.

show abstract

Section: Sql Injection Detection Methodsmentioning

confidence: 99%

Section: Sql Injection Statementsmentioning

confidence: 99%

Deep Neural Network-Based SQL Injection Detection Method

Zhang

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…Tian et al [11] concentrate on penetration test cases for web applications by modeling SQLI attacks using security goal models (SGM's) from [12]. First they describe a general view for the attack, then they branch this model further by concentrating on the type of goals the attacker has in mind, e.g.…”

Section: Related Workmentioning

confidence: 99%

“…Namely, we choose the Advanced Combinatorial Testing System (ACTS) 11 in order to generate input strings, which is a tool for the generation of combinatorial multi-way test sets according to specified parameter elements, which in 11 http://csrc.nist.gov/groups/SNS/acts/documents/comparison-report.html our case is adapted to HTML so valid scripts are constructed. Generally speaking, the tool is used in combinatorial testing and is also considered in the area of automated software testing.…”

Section: Precondition(s)mentioning

confidence: 99%

Security Testing Based on Attack Patterns

Božić

Wotawa

2014

2014 IEEE Seventh International Conference on Software Testing, Verification and Validation Workshops

View full text Add to dashboard Cite

Testing for security related issues is an important task of growing interest due to the vast amount of applications and services available over the internet. In practice testing for security often is performed manually with the consequences of higher costs, and no integration of security testing with today's agile software development processes. In order to bring security testing into practice, many different approaches have been suggested including fuzz testing and model-based testing approaches. Most of these approaches rely on models of the system or the application domain. In this paper we suggest to formalize attack patterns from which test cases can be generated and even executed automatically. Hence, testing for known attacks can be easily integrated into software development processes where automated testing, e.g., for daily builds, is a requirement. The approach makes use of UML state charts. Besides discussing the approach, we illustrate the approach using a case study.

show abstract

“…Traditional test case generation techniques mainly rely on software engineers to specify rules to create a set of semantically tailored test cases, either in a manual [3,4] or semi -automatic manner [5][6][7]. Such process is of limited flexibility due to the restriction of human crafted rules.…”

Section: Introductionmentioning

confidence: 99%

DeepSQLi: Deep Semantic Learning for Testing SQL Injection

Liu

Chen

2020

Preprint

View full text Add to dashboard Cite

Security is unarguably the most serious concern for Web applications, to which SQL injection (SQLi) attack is one of the most devastating attacks. Automatically testing SQLi vulnerabilities is of ultimate importance, yet is unfortunately far from trivial to implement. This is because the existence of a huge, or potentially infinite, number of variants and semantic possibilities of SQL leading to SQLi attacks on various Web applications. In this paper, we propose a deep natural language processing based tool, dubbed DeepSQLi, to generate test cases for detecting SQLi vulnerabilities. Through adopting deep learning based neural language model and sequence of words prediction, DeepSQLi is equipped with the ability to learn the semantic knowledge embedded in SQLi attacks, allowing it to translate user inputs (or a test case) into a new test case, which is semantically related and potentially more sophisticated. Experiments are conducted to compare DeepSQLi with SQLmap, a state-of-the-art SQLi testing automation tool, on six real-world Web applications that are of different scales, characteristics and domains. Empirical results demonstrate the effectiveness and the remarkable superiority of DeepSQLi over SQLmap, such that more SQLi vulnerabilities can be identified by using a less number of test cases, whilst running much faster.

show abstract

Attack Model Based Penetration Test for SQL Injection Vulnerability

Cited by 21 publications

References 11 publications

Deep Neural Network-Based SQL Injection Detection Method

Deep Neural Network-Based SQL Injection Detection Method

Security Testing Based on Attack Patterns

DeepSQLi: Deep Semantic Learning for Testing SQL Injection

Contact Info

Product

Resources

About