Semi-automated verification of defense against SQL injection in web applications

Semi-automated verification of defense against SQL injection in web applications

Recent reports reveal that majority of the attacks to Web applications are input manipulation attacks. Among these attacks, SQL injection attack malicious input is submitted to manipulate the database in a way that was unintended by the applications' developers is one such attack. This paper pr...

Full description

Saved in:

Bibliographic Details
Main Authors:	Liu, Kaiping, Tan, Hee Beng Kuan, Shar, Lwin Khin
Other Authors:	School of Electrical and Electronic Engineering
Format:	Conference or Workshop Item
Language:	English
Published:	2013
Online Access:	https://hdl.handle.net/10356/96596 http://hdl.handle.net/10220/12895
Tags:	Add Tag No Tags, Be the first to tag this record!
Institution:	Nanyang Technological University
Language:	English

Similar Items

Semi-automated verification of defense against SQL injection in web applications
by: LIU, Kaiping, et al.
Published: (2012)

Defeating SQL injection
by: SHAR, Lwin Khin, et al.
Published: (2012)

Auditing the defense against cross site scripting in web applications
by: SHAR, Lwin Khin, et al.
Published: (2010)

Mining input sanitization patterns for predicting SQL injection and cross site scripting vulnerabilities
by: Shar, Lwin Khin, et al.
Published: (2013)

Mining input sanitization patterns for predicting SQL injection and cross site scripting vulnerabilities
by: SHAR, Lwin Khin, et al.
Published: (2012)

Predicting SQL injection and cross site scripting vulnerabilities through mining input sanitization patterns
by: SHAR, Lwin Khin, et al.
Published: (2013)

Mining SQL injection and cross site scripting vulnerabilities using hybrid program analysis
by: SHAR, Lwin Khin, et al.
Published: (2013)

Automated removal of cross site scripting vulnerabilities in web applications
by: Shar, Lwin Khin, et al.
Published: (2013)

Automated removal of cross site scripting vulnerabilities in web applications
by: SHAR, Lwin Khin, et al.
Published: (2011)

Mitigating SQL injection and cross site scripting vulnerabilities using program analysis and data mining techniques
by: Shar, Lwin Khin
Published: (2013)

Security slicing for auditing XML, XPath, and SQL injection vulnerabilities
by: THOME, Julian, et al.
Published: (2015)

Auditing the XSS defence features implemented in web application programs
by: Shar, Lwin Khin, et al.
Published: (2013)

Auditing the XSS defence features implemented in web application programs
by: SHAR, Lwin Khin, et al.
Published: (2012)

Predicting common web application vulnerabilities from input validation and sanitization code patterns
by: Shar, Lwin Khin, et al.
Published: (2013)

Predicting common web application vulnerabilities from input validation and sanitization code patterns
by: SHAR, Lwin Khin, et al.
Published: (2012)

Web application vulnerability prediction using hybrid program analysis and machine learning
by: SHAR, Lwin Khin, et al.
Published: (2014)

Defending against cross-site scripting attacks
by: Shar, Lwin Khin, et al.
Published: (2013)

Defending against cross site scripting attacks
by: SHAR, Lwin Khin, et al.
Published: (2011)

Automated verification and testing of user-interactive undo features in database applications
by: Tan, Hee Beng Kuan, et al.
Published: (2013)

An integrated approach for effective injection vulnerability analysis of web applications through security slicing and hybrid constraint solving
by: Thome, Julian, et al.
Published: (2021)

An integrated approach for effective injection vulnerability analysis of web applications through security slicing and hybrid constraint solving
by: THOME, Julian, et al.
Published: (2018)

Automated insertion of exception handling for key and referential constraints
by: Liu, Kaiping, et al.
Published: (2013)

Automated reverse engineering of role-based access control policies of web applications
by: LE, Ha Thanh, et al.
Published: (2022)

Case study on SQL injection security attack
by: Low, Kok Jun.
Published: (2010)

Defense Against Packet Injection in Ad Hoc Networks
by: GU, Qijun, et al.
Published: (2007)

DEFENSE STRATEGIES AGAINST FALSE DATA INJECTION ATTACKS IN THE SMART GRID
by: SIU JUN YEN
Published: (2023)

Scalable malware clustering through coarse-grained behavior modeling
by: Chandramohan, Mahinthan, et al.
Published: (2013)

Mining patterns of unsatisfiable constraints to detect infeasible paths
by: DING, Sun, et al.
Published: (2015)

Scalable malware clustering through coarse-grained behavior modeling
by: CHANDRAMOHAN, Mahinthan, et al.
Published: (2012)

Web based indexing and retrieval system using SQL server.
by: Chong, Damon Chew Wai.
Published: (2008)

Analyzing SQL Injection Statements Using Common Substructure of Parse Tree
by: Warradorn Sirisang, et al.
Published: (2019)

CREATION OF NETWORK AUTOMATION WEB INTERFACE FOR CATEGORY VERIFICATION WITH VXLAN EVPN PROTOCOL
by: Azizah Nurrahmah, Husnul

SQL Server 2008 Transact-SQL Recipes
by: Sack, Joseph
Published: (2017)

Analysis of moving target defense against false data injection attacks on power grid
by: Zhang, Z., et al.
Published: (2021)

Security slicing for auditing common injection vulnerabilities
by: THOME, Julian, et al.
Published: (2017)

Automated Technology for Verification and Analysis
Published: (2017)

Certified Reasoning for Automated Verification
by: ASANKHAYA SHARMA
Published: (2015)

JoanAudit: A tool for auditing common injection vulnerabilities
by: THOME, Julian, et al.
Published: (2017)

Chống tấn công SQL injection sử dụng các khuôn mẫu tổng quát
by: Trần, Quang Chung
Published: (2020)

Towards a hybrid framework for detecting input manipulation vulnerabilities
by: DING, Sun, et al.
Published: (2013)