Semi-automated verification of defense against SQL injection in web applications

Semi-automated verification of defense against SQL injection in web applications

Recent reports reveal that majority of the attacks to Web applications are input manipulation attacks. Among these attacks, SQL injection attack malicious input is submitted to manipulate the database in a way that was unintended by the applications' developers is one such attack. This paper pr...

Full description

Bibliographic Details
Main Authors:	Liu, Kaiping, Tan, Hee Beng Kuan, Shar, Lwin Khin
Other Authors:	School of Electrical and Electronic Engineering
Format:	Conference Paper
Language:	English
Published:	2013
Online Access:	https://hdl.handle.net/10356/96596 http://hdl.handle.net/10220/12895

Similar Items

Mining input sanitization patterns for predicting SQL injection and cross site scripting vulnerabilities
by: Shar, Lwin Khin, et al.
Published: (2013)

Mitigating SQL injection and cross site scripting vulnerabilities using program analysis and data mining techniques
by: Shar, Lwin Khin
Published: (2013)

Automated removal of cross site scripting vulnerabilities in web applications
by: Shar, Lwin Khin, et al.
Published: (2013)

Auditing the XSS defence features implemented in web application programs
by: Shar, Lwin Khin, et al.
Published: (2013)

Defending against cross-site scripting attacks
by: Shar, Lwin Khin, et al.
Published: (2013)

Predicting common web application vulnerabilities from input validation and sanitization code patterns
by: Shar, Lwin Khin, et al.
Published: (2013)

SQL-injection vulnerability scanning tool for automatic creation of SQL-injection attacks
by: Bashah Mat Ali, Abdul, et al.
Published: (2011)

SQL-injection vulnerability scanning tool for automatic creation of SQL-injection attacks
by: Mat Ali, Abdul Bashah, et al.
Published: (2011)

Automated insertion of exception handling for key and referential constraints
by: Liu, Kaiping, et al.
Published: (2013)

Review of SQL injection : problems and prevention
by: Mohd Yunus, Mohd Amin, et al.
Published: (2018)

SQL Injection attack roadmap and fusion
by: Umar, Kabir, et al.
Published: (2016)

Security testing of web applications for detecting and removing second-order SQL injection vulnerabilities
by: Draib, Najla'a Ateeq Mohammed
Published: (2022)

Automated verification and testing of user-interactive undo features in database applications
by: Tan, Hee Beng Kuan, et al.
Published: (2013)

An integrated approach for effective injection vulnerability analysis of web applications through security slicing and hybrid constraint solving
by: Thome, Julian, et al.
Published: (2021)

Enhanced pushdown automaton based static analysis for detection of SQL injection Hotspots in web application
by: Umar, Kabir, et al.
Published: (2016)

The impact of SQL injection attacks on the security of databases
by: Thiyab, Rua Mohamed, et al.
Published: (2017)

Systematic literature review on SQL injection attack
by: Aminu, Lawal Muhammad, et al.
Published: (2016)

Case study on SQL injection security attack
by: Low, Kok Jun.
Published: (2010)

A detailed survey on various aspects of SQL injection in web applications: vulnerabilities, innovative attacks and remedies
by: Diallo , Abdoulaye Kindy, et al.
Published: (2013)

SQL injection detection and exploitation framework for penetration testing
by: Kazmi, Muhammad Ali Naqi
Published: (2019)

Taxonomy of SQL Injection: ML Trends & Open Challenges
by: Abobakr Busaeed, Raed Abdullah, et al.
Published: (2023)

Comparison of security testing approaches for detection of SQL injection vulnerabilities
by: Mohammed Draib, Najla’a Ateeq, et al.
Published: (2018)

A Survey on SQL injection: vulnerabilities, attacks, and prevention techniques
by: Kindy, Diallo Abdoulaye, et al.
Published: (2011)

Comparing web vulnerability scanners with a new method for SQL injection vulnerabilities detection and removal EPSQLiFix
by: Md Sultan, Abu Bakar, et al.
Published: (2018)

Scalable malware clustering through coarse-grained behavior modeling
by: Chandramohan, Mahinthan, et al.
Published: (2013)

Restaurant O SIX JOINT online ordering system with anti-SQL injection
by: Tang, Jie Yi, et al.
Published: (2021)

Web based indexing and retrieval system using SQL server.
by: Chong, Damon Chew Wai.
Published: (2008)

Analysis of moving target defense against false data injection attacks on power grid
by: Zhang, Z., et al.
Published: (2021)

A detailed survey on various aspects of SQL Injection: vulnerabilities, innovative attacks, and remedies
by: Diallo , Abdoulaye Kindy, et al.
Published: (2011)

Prevention of attack on Islamic websites by fixing SQL injection vulnerabilities using co-evolutionary search approach
by: Umar, Kabir, et al.
Published: (2014)

ANALISIS FORENSIK JARINGAN STUDI KASUS SERANGAN SQL INJECTION PADA SERVER UNIVERSITAS GADJAH MADA
by: , Resi Utami Putri, et al.
Published: (2012)

SQL-ACT : content-based and history-aware input prediction for non-trivial SQL queries
by: Manzi, Eric R
Published: (2018)

Rubicon: Bounded Verification of Web Applications
by: Jackson, Daniel, et al.
Published: (2014)

Safety verification for automated vehicle maneuvers
by: Dolginova, Ekaterina, 1977-
Published: (2009)

Has this bug been reported?
by: Liu, Kaiping, et al.
Published: (2013)

Automating modular program verification by refining specifications
by: Taghdiri, Mana, 1979-
Published: (2008)

Pengembangan sistem informasi rekam medis kedokteran gigi berbasisWEB menggunakan PHPdan MySQL
by: Hartanto, Dwi, et al.
Published: (2007)

Verification process for web design of UEWDM
by: Mubin, Siti Azreena, et al.
Published: (2017)

Using MySQL for learning management system
by: Saudi, Azali, et al.
Published: (2004)

Privacy-preserving SQL queries for encrypted databases
by: Tan, Chun Wen
Published: (2020)