Detecting SQL injection attacks using query result size

Young Su Jang, Jin Young Choi

Research output: Contribution to journal › Article

15 Citations (Scopus)

Abstract

Web applications are becoming an essential part of our everyday lives, with many of our activities dependent on the functionality and security of these applications. Web applications are ubiquitous, perform mission critical tasks, and handle sensitive user data. As the scale of these applications grows, injection vulnerabilities, such as SQL injections, become major security challenges. Most of these vulnerabilities stem from a lack of input validation; that is, web applications use malicious input as part of a sensitive operation without properly checking or sanitizing the input values. SQL injection attacks target databases that are accessible through a web front-end; moreover, they take advantage of flaws in the input validation logic of web components. In this paper, we exhibit a novel scheme that automatically transforms web applications, rendering them safe against SQL injection attacks. Our technique dynamically analyzes the developer-intended query result size for any input, and detects attacks by comparing this against the result of the actual query. We implement this technique in a tool for protecting Java-based web applications. An experimental evaluation demonstrates that our technique is effective against SQL injection vulnerabilities.

Original language: English
Pages (from-to): 104-118
Number of pages: 15
Journal: Computers and Security
Volume: 44
DOIs: 10.1016/j.cose.2014.04.007
Publication status: Published - 2014 Jan 1

ASJC Scopus subject areas

  • Computer Science(all)
  • Law

Cite this

Detecting SQL injection attacks using query result size. / Jang, Young Su; Choi, Jin Young.

In: Computers and Security, Vol. 44, 01.01.2014, p. 104-118.

@article{277899f30c234bfa810f747e66eea40d,
title = "Detecting SQL injection attacks using query result size",
abstract = "Web applications are becoming an essential part of our everyday lives, with many of our activities dependent on the functionality and security of these applications. Web applications are ubiquitous, perform mission critical tasks, and handle sensitive user data. As the scale of these applications grows, injection vulnerabilities, such as SQL injections, become major security challenges. Most of these vulnerabilities stem from a lack of input validation; that is, web applications use malicious input as part of a sensitive operation without properly checking or sanitizing the input values. SQL injection attacks target databases that are accessible through a web front-end; moreover, they take advantage of flaws in the input validation logic of web components. In this paper, we exhibit a novel scheme that automatically transforms web applications, rendering them safe against SQL injection attacks. Our technique dynamically analyzes the developer-intended query result size for any input, and detects attacks by comparing this against the result of the actual query. We implement this technique in a tool for protecting Java-based web applications. An experimental evaluation demonstrates that our technique is effective against SQL injection vulnerabilities.",
keywords = "Input validation, Query result size, Sanitization, Sensitive operation, SQL injection, Web applications",
author = "Jang, {Young Su} and Choi, {Jin Young}",
year = "2014",
month = "1",
day = "1",
doi = "10.1016/j.cose.2014.04.007",
language = "English",
volume = "44",
pages = "104--118",
journal = "Computers and Security",
issn = "0167-4048",
publisher = "Elsevier Limited",
}

TY - JOUR
T1 - Detecting SQL injection attacks using query result size
AU - Jang, Young Su
AU - Choi, Jin Young
PY - 2014/1/1
Y1 - 2014/1/1

AB - Web applications are becoming an essential part of our everyday lives, with many of our activities dependent on the functionality and security of these applications. Web applications are ubiquitous, perform mission critical tasks, and handle sensitive user data. As the scale of these applications grows, injection vulnerabilities, such as SQL injections, become major security challenges. Most of these vulnerabilities stem from a lack of input validation; that is, web applications use malicious input as part of a sensitive operation without properly checking or sanitizing the input values. SQL injection attacks target databases that are accessible through a web front-end; moreover, they take advantage of flaws in the input validation logic of web components. In this paper, we exhibit a novel scheme that automatically transforms web applications, rendering them safe against SQL injection attacks. Our technique dynamically analyzes the developer-intended query result size for any input, and detects attacks by comparing this against the result of the actual query. We implement this technique in a tool for protecting Java-based web applications. An experimental evaluation demonstrates that our technique is effective against SQL injection vulnerabilities.

KW - Input validation
KW - Query result size
KW - Sanitization
KW - Sensitive operation
KW - SQL injection
KW - Web applications
UR - http://www.scopus.com/inward/record.url?scp=84902299651&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84902299651&partnerID=8YFLogxK
U2 - 10.1016/j.cose.2014.04.007
DO - 10.1016/j.cose.2014.04.007
M3 - Article
VL - 44
SP - 104
EP - 118
JO - Computers and Security
JF - Computers and Security
SN - 0167-4048
ER -