TY - GEN
T1 - Sania
T2 - 23rd Annual Computer Security Applications Conference, ACSAC 2007
AU - Kosuga, Yuji
AU - Kono, Kenji
AU - Hanaoka, Miyuki
AU - Hishiyama, Miho
AU - Takahama, Yu
PY - 2007
Y1 - 2007
N2 - With the recent rapid increase in interactive web applications that employ back-end database services, an SQL injection attack has become one of the most serious security threats. The SQL injection attack allows an attacker to access the underlying database, execute arbitrary commands at intent, and receive a dynamically generated output, such as HTML web pages. In this paper, we present our technique, Sania, for detecting SQL injection vulnerabilities in web applications during the development and debugging phases. Sania intercepts the SQL queries between a web application and a database, and automatically generates elaborate attacks according to the syntax and semantics of the potentially vulnerable spots in the SQL queries. In addition, Sania compares the parse trees of the intended SQL query and those resulting after an attack to assess the safety of these spots. We evaluated our technique using real-world web applications and found that our solution is efficient in comparison with a popular web application vulnerabilities scanner. We also found vulnerability in a product that was just about to be released.
AB - With the recent rapid increase in interactive web applications that employ back-end database services, an SQL injection attack has become one of the most serious security threats. The SQL injection attack allows an attacker to access the underlying database, execute arbitrary commands at intent, and receive a dynamically generated output, such as HTML web pages. In this paper, we present our technique, Sania, for detecting SQL injection vulnerabilities in web applications during the development and debugging phases. Sania intercepts the SQL queries between a web application and a database, and automatically generates elaborate attacks according to the syntax and semantics of the potentially vulnerable spots in the SQL queries. In addition, Sania compares the parse trees of the intended SQL query and those resulting after an attack to assess the safety of these spots. We evaluated our technique using real-world web applications and found that our solution is efficient in comparison with a popular web application vulnerabilities scanner. We also found vulnerability in a product that was just about to be released.
UR - http://www.scopus.com/inward/record.url?scp=48649100112&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=48649100112&partnerID=8YFLogxK
U2 - 10.1109/ACSAC.2007.20
DO - 10.1109/ACSAC.2007.20
M3 - Conference contribution
AN - SCOPUS:48649100112
SN - 0769530605
SN - 9780769530604
T3 - Proceedings - Annual Computer Security Applications Conference, ACSAC
SP - 107
EP - 116
BT - Proceedings - 23rd Annual Computer Security Applications Conference, ACSAC 2007
Y2 - 10 December 2007 through 14 December 2007
ER -