DocumentCode :
1728456
Title :
Automated Fix Generator for SQL Injection Attacks
Author :
Dysart, Fred ; Sherriff, Mark
Author_Institution :
Dept. of Comput. Sci., Univ. of Virginia, Charlottesville, VA
fYear :
2008
Firstpage :
311
Lastpage :
312
Abstract :
A critical problem facing todaypsilas Internet community is the increasing number of attacks exploiting flaws found in Web applications. This paper specifically targets input validation vulnerabilities found in SQL queries that may lead to SQL Injection Attacks (SQLIAs). We introduce a tool that automatically detects and suggests fixes to SQL queries that are found to contain SQL Injection Vulnerabilities (SQLIVs). Testing was performed against phpBB v2.0, an open source forum package, to determine the accuracy and efficacy of our software.
Keywords :
Internet; SQL; query processing; security of data; Internet; SQL injection vulnerability; SQL query; Web application; automated fix generator; Application software; Computer science; Databases; Graphical user interfaces; Internet; Java; Reliability engineering; Software maintenance; Software reliability; Software testing; Automated Fix Generation; MySQL; PHP; SQL Injection Attack;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Software Reliability Engineering, 2008. ISSRE 2008. 19th International Symposium on
Conference_Location :
Seattle, WA
ISSN :
1071-9458
Print_ISBN :
978-0-7695-3405-3
Electronic_ISBN :
1071-9458
Type :
conf
DOI :
10.1109/ISSRE.2008.44
Filename :
4700351
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=1728456
بازگشت