首页> 外文会议>International Conference on Cloud Computing and Security >A Mutation Approach of Detecting SQL Injection Vulnerabilities
【24h】

A Mutation Approach of Detecting SQL Injection Vulnerabilities

机译:检测SQL注射漏洞的突变方法

获取原文

摘要

As Internet is increasingly prosperous, Web services become more common in our social life. As users can access pages on the Web directly, Web application plays a vital role in various domains such as e-finance and public-services. Inevitably, it will be followed by unprecedented amount of attacks and exploitations. Amongst all of those attacks, SQL injection attacks have consistently high rank in last years due to corresponding vulnerabilities. It is crucial to checking this vulnerabilities before web services being public. In our paper we present an effective approach for testing, MOSA, and mutation operators set to its underpinning. Using this approach we can produce test inputs that cause executable and malignant SQL statement efficiently. Besides that, we do numerous experiments and the results demonstrate that the mutation approach can detect SQL injection vulnerabilities and generate inputs that bypass web application firewalls.
机译:随着互联网越来越繁荣,Web服务在我们的社交生活中变得更加常见。由于用户可以直接访问Web上的页面,Web应用程序在电子融资和公共服务等各个域中扮演一个重要角色。不可避免地,它将是前所未有的攻击和利用。在所有这些攻击中,由于相应的漏洞,SQL注入攻击在过去几年中始终如一。在公共网络服务之前检查此漏洞是至关重要的。在我们的论文中,我们提出了一种测试,MOSA和突变运营商的有效方法。使用此方法,我们可以生成有效地导致可执行和恶性SQL语句的测试输入。除此之外,我们做了许多实验,结果表明,突变方法可以检测SQL注入漏洞,并生成旁路Web应用防火墙的输入。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有
  • 客服微信

  • 服务号