To see the other types of publications on this topic, follow the link: SQL-Injection attacks.
Dissertations / Theses on the topic 'SQL-Injection attacks'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 24 dissertations / theses for your research on the topic 'SQL-Injection attacks.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Gopali, Gopali. "Protecting Web Applications from SQL Injection Attacks- Guidelines for Programmers Master Thesis." Thesis, Malmö universitet, Fakulteten för teknik och samhälle (TS), 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-20238.
Full textAbstract:
Injektionsattack är den mest kritiska säkerhetsapplikationen för webbapplikationer, och SQL-injektion (SQLi) -attack är den mest rapporterade injektionsattacken på webbapplikationer. I denna avhandling har vi identifierat angreppsteknikerna som används av angripare och vi ger också riktlinjer så att programmerarna kan skriva webbapplikationskoder på ett säkert sätt för att förhindra SQLi-attackerna.Metoden som tillämpas för forskningen är litteraturstudie och vi använde vägen bevis genom demonstration för att få den tydliga bilden. Det första steget var att ta reda på kodningsfelen, då utformade vi riktlinjer som kan hjälpa till att skydda webbapplikationer från SQLi-attacker. Denna avhandling kommer att hjälpa programmerarna att förstå de olika kodningsbristerna och hur dessa kodningsfel kan förhindras och för detta har vi använt bevis genom demonstration. Denna avhandling kommer också att bidra till den allmänna medvetenheten om SQLi-attacker, attacker och riktlinjer för programmerare som designar, utvecklar och testar webbapplikationer.Injection attack is the most critical web application security risk, and SQL-injection (SQLi) attack is the most reported injection attack on web applications. In this thesis, we have identified the attacking techniques used by attackers and we are also providing guidelines so that the programmers can write web application code in a secure way, to prevent the SQLi attacks.The methodology applied for the research is literature study and we used the way proof by demonstration to get the clear picture. The first step was to find out the coding flaws, then we designed guidelines that can help to protect web applications from SQLi attacks. This thesis will help the programmers to understand the various coding flaws and how those coding flaws can be prevented and for this, we have used proof by demonstration. This thesis will also contribute to the general awareness of SQLi attacks, attack types and guidelines for the programmers who are designing, developing and testing web applications.
2
Sjöström, Linus. "Detecting SQL Injection Attacks in VoIP using Real-time Deep Packet Inspection : Can a Deep Packet Inspection Firewall Detect SQL Injection Attacks on SIP Traffic with Reasonable Performance?" Thesis, Linköpings universitet, Institutionen för datavetenskap, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-161072.
Full textAbstract:
The use of the Internet has increased over the years, and it is now an integral part of our daily activities, as we often use it for everything from interacting on social media to watching videos online. Phone calls nowadays tend to use Voice over IP (VoIP), rather than the traditional phone networks. As with any other services using the Internet, these calls are vulnerable to attacks. This thesis focus on one particular attack: SQL injection in the Session Initial Protocol (SIP), where SIP is a popular protocol used within VoIP. To find different types of SQL injection, two classifiers are implemented to either classify SIP packets as "valid data" or "SQL injection". The first classifier uses regex to find SQL meta-characters in headers of interest. The second classifier uses naive Bayes with a training data set to classify. These two classifiers are then compared in terms of classification throughput, speed, and accuracy. To evaluate the performance impact of packet sizes and to better understand the classifiers resiliance against an attacker introducing large packets, a test with increasing packet sizes is also presented. The regex classifier is then implemented in a Deep Package Inspection (DPI) open-source implementation, nDPI, before being evaluated with regards to both throughput and accuracy. The result are in favor of the regex classifier as it had better accuracy and higher classification throughput. Yet, the naive Bayes classifier works better for new types of SQL injection that we do not know. It therefore argues that the best choice depends on the scenario; both classifiers have their strengths and weakness!
3
Cetin, Cagri. "Authentication and SQL-Injection Prevention Techniques in Web Applications." Scholar Commons, 2019. https://scholarcommons.usf.edu/etd/7766.
Full textAbstract:
This dissertation addresses the top two “most critical web-application security risks” by combining two high-level contributions.
The first high-level contribution introduces and evaluates collaborative authentication, or coauthentication, a single-factor technique in which multiple registered devices work together to authenticate a user. Coauthentication provides security benefits similar to those of multi-factor techniques, such as mitigating theft of any one authentication secret, without some of the inconveniences of multi-factor techniques, such as having to enter passwords or biometrics. Coauthentication provides additional security benefits, including: preventing phishing, replay, and man-in-the-middle attacks; basing authentications on high-entropy secrets that can be generated and updated automatically; and availability protections against, for example, device misplacement and denial-of-service attacks. Coauthentication is amenable to many applications, including m-out-of-n, continuous, group, shared-device, and anonymous authentications. The principal security properties of coauthentication have been formally verified in ProVerif, and implementations have performed efficiently compared to password-based authentication.
The second high-level contribution defines a class of SQL-injection attacks that are based on injecting identifiers, such as table and column names, into SQL statements. An automated analysis of GitHub shows that 15.7% of 120,412 posted Java source files contain code vulnerable to SQL-Identifier Injection Attacks (SQL-IDIAs). We have manually verified that some of the 18,939 Java files identified during the automated analysis are indeed vulnerable to SQL-IDIAs, including deployed Electronic Medical Record software for which SQL-IDIAs enable discovery of confidential patient information. Although prepared statements are the standard defense against SQL injection attacks, existing prepared-statement APIs do not protect against SQL-IDIAs. This dissertation therefore proposes and evaluates an extended prepared-statement API to protect against SQL-IDIAs.
4
Smith, Grant Joseph. "Analysis and Prevention of Code-Injection Attacks on Android OS." Scholar Commons, 2014. https://scholarcommons.usf.edu/etd/5391.
Full textAbstract:
Injection attacks are the top two causes of software errors and vulnerabilities, according to the MITRE Common Vulnerabilities list [1]. This thesis presents a threat analysis of injection attacks on applications built for Android, a popular but not rigorously studied operating system designed for mobile devices. The following thesis is argued: Injection attacks are possible on off-the-shelf Android systems, and such attacks have the capacity to compromise the device through resource denial and leaking private data. Specifically, we demonstrate that injection attacks are possible through the OS shell and through the SQLite API. To mitigate these attacks, we augment the Android OS with a taint-tracking mechanism to monitor the flow of untrusted character strings through application execution. We use this taint information to implement a mechanism to detect and prevent these injection attacks. A good denition of an attack being critical to preventing it, our mechanism is based on Ray and Ligatti's formalized “NIE" property, which states that untrusted inputs must only insert or expand noncode tokens in output programs. If this property is violated, an injection attack has occurred. This definition's detection algorithm, in combination with our taint tracker, allow our mechanism to defend against these attacks.
5
Nsambu, Emmanuel, and Danish Aziz. "The Defense Against the latest Cyber Espionage both insider and outsider attacks." Thesis, Mittuniversitetet, Institutionen för informationsteknologi och medier, 2012. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-16477.
Full textAbstract:
This study was carried out with the intention of examining the defensive mechanism employed against the latest cyber espionage methods including both insider and outsider attacks. The main focus of this study was on web servers as the targets of the cyber attacks. Information in connection to the study was obtained from researchers’ online articles. A survey was also conducted at MidSweden University in order to obtain information about the latest cyber attacks on web servers and about the existing defensive mechanism against such attacks. The existing defensive mechanism was surveyed and a simple design was created to assist in the investigation of the efficiency of the system. Some simple implementations of the existing defensive mechanism were made in order to provide some practical results that were used for the study. The existing defensive mechanism was surveyed and improved upon where possible. The improved defensive mechanism was designed and implemented and its results were compared with the results from the existing defensive mechanism. Due to the fact that the majority of the attackers use defensive mechanisms’ vulnerability in order to find their way into devices such as web servers, it was felt that, even with the most sophisticated improved defensive mechanism in place, it would not be entirely correct to claim that it is possible to fully protect web servers against such attacks.
6
Wheeler, Ryan. "BlindCanSeeQL: Improved Blind SQL Injection For DB Schema Discovery Using A Predictive Dictionary From Web Scraped Word Based Lists." Scholar Commons, 2015. http://scholarcommons.usf.edu/etd/6050.
Full textAbstract:
SQL Injections are still a prominent threat on the web. Using a custom built tool, BlindCanSeeQL (BCSQL), we will explore how to automate Blind SQL attacks to discover database schema using fewer requests than the standard methods, thus helping avoid detection from overloading a server with hits. This tool uses a web crawler to discover keywords that assist with autocompleting schema object names, along with improvements in ASCII bisection to lower the number of requests sent to the server. Along with this tool, we will discuss ways to prevent and protect against such attacks.
7
Whitelaw, Clayton. "Precise Detection of Injection Attacks on Concrete Systems." Scholar Commons, 2015. http://scholarcommons.usf.edu/etd/6051.
Full textAbstract:
Injection attacks, including SQL injection, cross-site scripting, and operating system command injection, rank the top two entries in the MITRE Common Vulnerability Enumeration (CVE) [1]. Under this attack model, an application (e.g., a web application) uses some untrusted input to produce an output program (e.g., a SQL query). Applications may be vulnerable to injection attacks because the untrusted input may alter the output program in malicious ways. Recent work has established a rigorous definition of injection attacks. Injections are benign iff they obey the NIE property, which states that injected symbols strictly insert or expand noncode tokens in the output program. Noncode symbols are strictly those that are either removed by the tokenizer (e.g., insignificant whitespace) or span closed values in the output program language, and code symbols are all other symbols. This thesis demonstrates that such attacks are possible on applications for Android—a mobile device operating system—and Bash—a common Linux shell—and shows by construction that these attacks can be detected precisely. Specifically, this thesis examines the recent Shellshock attacks on Bash and shows how it widely differs from ordinary attacks, but can still be precisely detected by instrumenting the output program’s runtime. The paper closes with a discussion of the lessons learned from this study and how best to overcome the practical challenges to precisely preventing these attacks in practice.
8
Bahureková, Beáta. "Technika SQL injection - její metody a způsoby ochrany." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2020. http://www.nusl.cz/ntk/nusl-433304.
Full textAbstract:
SQL injection is a technique directed against web applications using an SQL database, which can pose a huge security risk. It involves inserting code into an SQL database, and this attack exploits vulnerabilities in the database or application layer. The main goal of my thesis is to get acquainted with the essence of SQL injection, to understand the various methods of this attack technique and to show ways to defend against it. The work can be divided into these main parts, which I will discuss as follows.In the introductory part of the work I mention the theoretical basis concerning SQL injection issues. The next chapter is focused on individual methods of this technique. The analytical part is devoted to mapping the current state of test subjects, scanning tools, which form the basis for optimal research and testing of individual SQL methods, which are discussed in this part from a practical point of view along with the analysis of commands. In the last part I will implement SQL methods on selected subjects and based on the outputs I will create a universal design solution how to defend against such attacks.
9
Pandey, Amit Kumar. "Securing Web Applications From Application-Level Attack." Kent State University / OhioLINK, 2007. http://rave.ohiolink.edu/etdc/view?acc_num=kent1181098075.
Full text
10
Uwagbole, Solomon. "A pattern-driven corpus to predictive analytics in mitigating SQL injection attack." Thesis, Edinburgh Napier University, 2018. http://researchrepository.napier.ac.uk/Output/1538260.
Full textAbstract:
The back-end database provides accessible and structured storage for each web application's big data internet web traffic exchanges stemming from cloud-hosted web applications to the Internet of Things (IoT) smart devices in emerging computing. Structured Query Language Injection Attack (SQLIA) remains an intruder's exploit of choice to steal confidential information from the database of vulnerable front-end web applications with potentially damaging security ramifications. Existing solutions to SQLIA still follows the on-premise web applications server hosting concept which were primarily developed before the recent challenges of the big data mining and as such lack the functionality and ability to cope with new attack signatures concealed in a large volume of web requests. Also, most organisations' databases and services infrastructure no longer reside on-premise as internet cloud-hosted applications and services are increasingly used which limit existing Structured Query Language Injection (SQLI) detection and prevention approaches that rely on source code scanning. A bio-inspired approach such as Machine Learning (ML) predictive analytics provides functional and scalable mining for big data in the detection and prevention of SQLI in intercepting large volumes of web requests. Unfortunately, lack of availability of robust ready-made data set with patterns and historical data items to train a classifier are issues well known in SQLIA research applying ML in the field of Artificial Intelligence (AI). The purpose-built competition-driven test case data sets are antiquated and not pattern-driven to train a classifier for real-world application. Also, the web application types are so diverse to have an all-purpose generic data set for ML SQLIA mitigation. This thesis addresses the lack of pattern-driven data set by deriving one to predict SQLIA of any size and proposing a technique to obtain a data set on the fly and break the circle of relying on few outdated competitions-driven data sets which exist are not meant to benchmark real-world SQLIA mitigation. The thesis in its contributions derived pattern-driven data set of related member strings that are used in training a supervised learning model with validation through Receiver Operating Characteristic (ROC) curve and Confusion Matrix (CM) with results of low false positives and negatives. We further the evaluations with cross-validation to have obtained a low variance in accuracy that indicates of a successful trained model using the derived pattern-driven data set capable of generalisation of unknown data in the real-world with reduced biases. Also, we demonstrated a proof of concept with a test application by implementing an ML Predictive Analytics to SQLIA detection and prevention using this pattern-driven data set in a test web application. We observed in the experiments carried out in the course of this thesis, a data set of related member strings can be generated from a web expected input data and SQL tokens, including known SQLI signatures. The data set extraction ontology proposed in this thesis for applied ML in SQLIA mitigation in the context of emerging computing of big data internet, and cloud-hosted services set our proposal apart from existing approaches that were mostly on-premise source code scanning and queries structure comparisons of some sort.
11
Plašil, Matouš. "Soubor laboratorních úloh k demonstraci počítačových útoků." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2015. http://www.nusl.cz/ntk/nusl-220402.
Full textAbstract:
Diploma thesis describes published attacks on computers and computer networks. Principles of footprinting such as availability check, OS detection, port scanning were described. Next part explains attacks on confidentiality, integrity and availability. In the practical part were created four laboratory tasks and a virtual environment which allowed testing of ARP spoofing, DNS spoofing, SSL strip, Cross-site scripting, SQL injection, flooding attacks (TCP, ICMP, UDP), TCP reset and attack on operating system using backdoor with Metasploit framework. In practical part were also created video samples with attacks and documentation for teachers.
12
Wu, Ko-Chih, and 巫格至. "Automated Exploit Generation for SQL Injection Attacks." Thesis, 2010. http://ndltd.ncl.edu.tw/handle/66937924239857964035.
Full textAbstract:
碩士臺灣大學
電子工程學研究所
98
Automated static analysis tools are widely used today for finding input manipulation vulnerabilities in web applications, such as SQL injection. However, these tools may produce many false positives and these reported vulnerabilities cannot be verified easily. To verify these reported vulnerabilities, concrete attack requests need to be constructed and to be submitted to the target application, just like what hackers or black-box tools will do. Our approach is to send concrete exploits and to inspect SQL queries that are executed at run-time. Thus, it is possible to declare the reported vulnerability valid (along with true exploitable SQL commands) or bogus (i.e., false positive). Our technique is proved to be effective after the evaluation against several real-world examples.
13
Chen, Bo Han, and 陳柏翰. "Effective Practices For Defending SQL Injection Attacks." Thesis, 2010. http://ndltd.ncl.edu.tw/handle/89556774781629620492.
Full textAbstract:
碩士長庚大學
資訊管理學系
98
When setting up a web server to read from a database, it’s important that the designer check the parameter information being passed from the customer to the webpage. Otherwise, the transmission of this data could create opportunities for assailants to find weaknesses which can be used to attack thesystem, possibly leading to loss of corporate or customer information. This study proposes the use of the Acunetix Web Vulnerability Scanner, Barracuda Web Application Firewall, and Splunk search engine to search the web server and Barracuda Web Application Firewall log file to improve defenses against SQL injection attacks by protecting the results of search engine analyses to safeguard feedback. The webpage manager only uses the Barracuda Web Application Firewall to describe the relevant attributes of the webpage outputs, This firewall device, positioned between the network firewall and the Web server, can protect the webpage automatically and can open the Barracuda Web Application Firewall transparent mode, and directly check the output of network user information. The so-called Transparent Mode need not be updated to allow for installation, settings configuration and dynamic packet filtering. Without the need to change the extant webpage application program and database settings, this safeguard can be simply and easily configurated, and operating interfaces can offer multi-lingual support to assist the work of maintenance staff and accelerate the adoption and deployment application of the equipment.
14
Migli, Roberto, and 馬若權. "A fast, multi-platform method to detect SQL Injection Attacks." Thesis, 2009. http://ndltd.ncl.edu.tw/handle/66902532536363882776.
Full textAbstract:
碩士國立臺灣科技大學
資訊工程系
97
In these years SQL injection attacks became a major threat for both small and large web sites. This special kind of injection attack exploits vulnerabilities in the web applications that interact with a backend database. In this paper we analyze the SQL injection attack patterns and the previously proposed defense methods. We found that most of the existing researches are able to detect most of the attacks, but they do not consider the complexity involved in using the defense system and the eventual cost of modification of the original program. The proposed method requires no modification of the web application code, and can be adapted to different usage scenarios, involving also different operating systems and server applications. The proposed method is able to detect all the known injection points for the test application. We compare the results achieved with a published paper under the same testing conditions.
15
Huang, Hao-lun, and 黃浩倫. "TransSQL: A Translation and Validation-based Solution for SQL-Injection Attacks." Thesis, 2010. http://ndltd.ncl.edu.tw/handle/79047244359095359380.
Full textAbstract:
碩士國立中央大學
資訊工程研究所
98
Web-based applications have become the major means of providing services by web servers and databases. These applications are the frequent target for attacks be-cause the databases underlying Web applications often contain private information (e.g., user accounts and financial records). In particular, SQL injection attacks, a class of injection flaw in which specially crafted input strings leads to illegal queries to da-tabases, are one of the topmost threats to web applications. A number of research pro-totypes and commercial products that maintain the queries structure in web applica-tions have been developed but these techniques fail to address the full scope of the problem or have limitations. In this paper, we propose a novel and effective mechanism for automatically translating SQL requests to LDAP-equivalent requests to render them secure against SQL injection attacks. After queries are executed on SQL database and LDAP, our technique checks the difference in responses from SQL database and LDAP to prevent SQL injection attacks. We implemented our technique in a tool, TransSQL, consists of two steps. In the preprocessing step, Database Duplicating process, we adopt sqldump program to extract entire information of SQL database that could be used to produce LDAP schema and LDAP Data Interchange Format file. In the runtime step, Request Translation process, the technique intercepts SQL queries for translation and checks the results from LDAP against SQL database. TransSQL has been implemented in Java and deployed between web applications and databases. Our empirical evaluation has shown that TransSQL is both effectiveness and efficiency against SQL injection attacks.
16
Lai, Shu Mei, and 賴淑美. "Preventing SQL Injection Attacks Using the Field Attributes of User Input." Thesis, 2009. http://ndltd.ncl.edu.tw/handle/72087296479960095398.
Full textAbstract:
碩士國立政治大學
資訊科學學系
97
With the dynamic development of network application and the increasing population of using internet, providing customer service and making business through network has been a prevalent trend recently. However, the risk appears with this trend. In a borderless net world, threaten comes from all directions. With the progress of information technology, the technique of network attack becomes timeless and widespread. It seems that defense methods have to develop against these attack techniques. But the root of all should regress on the original program design – check the input data of data fields. The prevention of unceasing network attack is precisely check the content of data field and adhere to the webpage security design on principle, furthermore, the authority to access database is essential. Since most existing systems do not have exactly checkpoints of those data fields such as the length, the data type, and the data format, as a result, those conditions resulted in several network attacks like Injection Flaws and XSS. In response to various website attack constantly, the majority remodify the system source code, inspect vulnerabilities by the service of penetration test, and purchase the equipment of Intrusion Prevention Systems(IPS). However, several limitations influence the performance, such as the massive workload of remodify source code, the difficulty to implement the daily penetration test, and the costly expenses of IPS equipment. The fundamental method of this research is to check the input data of data fields which bases on the length, the data type and the data format to check input data. The hypothesis is that to implement the original design principle should prevent most website attacks. Unfortunately, most legacy system programs are massive and numerous. It is time-consuming to review and remodify all the data fields. This research investigates the analysis of network interception, integrates with the database schema and the easy-defined data type, to automatically process these procedures and rapidly generates the checklist of input data. Then, using the method of website dynamic captures technique to receive user request first and webpage input data before the system application commences to process it. According to those input data can be checked by the predefined data filed type and the length, there is no necessary to modify existing systems and can achieve the goal to prevent web attack with the minimum cost.
17
CHEN, CHAO-AN, and 陳昭安. "A Study of Combining PDO and ModSecurity for Defending SQL Injection Attacks." Thesis, 2016. http://ndltd.ncl.edu.tw/handle/2tkq9p.
Full textAbstract:
碩士銘傳大學
資訊工程學系碩士班
104
According to Open Web Application Security Project report notes, there are several Web Application network attack methods in recent years such as SQL Injection, Cross-Site Scripting and other attacks. Most common hacking attack is SQL Injection, it’ssecurity vulnerability between the application and the database layer.Hackers can enter special characters by changing the logical grammar and the SQL statement is unexpectedly performed on the database. In this way, attackers can queries data or modify the database without authentication procedure.In this study, to prevent Web server/Database being attacked by malicious user, we need to provide technical measures that can be mitigate the effect of an attack. Hence we are using PDO and ModSecurity to avoid SQL Injection. PDO is Object-oriented and provides a data-access abstraction layer for accessing database,it’s increase system flexibility and compiling speed. ModSecurity is a web application firewall, by modify OWASP attack detection rules and settings, such as filter SQL Injection, to prevent malicious attack and keep web/Database server secure.
18
Lee, Chun-Hsien, and 李俊憲. "A Study on Common SQL Injection Attacks and Defenses - a Case of Discuz Software." Thesis, 2016. http://ndltd.ncl.edu.tw/handle/ucaa6w.
Full textAbstract:
碩士國防大學
資訊管理學系
104
Global network has developed more than ten years. A wide variety of websites have mushroomed birth to response to user demand for access to the Internet. Most people choose web packaged software to the operating site while free software is numerous. However, the designer of web packaged software did not consider the safety of the site access permissions and filters because of the intricacy of the code or coding negligence. It may cause the sensitive information accessed by weakness web page, and lead to a serious personal data leaks. In this study, it talk about the free packaged software "Discuz" briefly that there had been disclosed, and enumerate common SQL Injection vulnerability attacks. Then we exploit instance operation by Discuz and modified by characteristics of the site. This study is expected to reach the experiment results, emphasizing the important security concerns that exist to use packaged software. Finally, it takes the vulnerability patch for Discuz version 7.2, and proposed a common SQL Injection attack prevention as expected by the present study examples and suggestions. And I hope remind web developers in the development of the site at the same time, the code must be filtered and penetration testing, to avoid the site from malicious replacing the web page attack or suffer serious consequences form user data leakage.
19
Lu, Chian-Huey, and 盧芊慧. "Web Platform Independent SQL injection Attack Generation." Thesis, 2014. http://ndltd.ncl.edu.tw/handle/43099096080587428778.
Full textAbstract:
碩士國立交通大學
資訊科學與工程研究所
102
Internet has been an important communication media for our daily life. Most of us access information and save our personal private data in the database through web applications. However, due to the ignorance of secure programming practice of web programmers, hackers may be able to access or destroy data through potential web vulnerabilities. We developed a web platform independent SQL injection attack generation method to improve our former web attack framework called CRAXweb. The system is able to generate exploit for the target web application automatically and acts as a penetration test. CRAXweb is based on S2E, a symbolic execution platform. We accumulate the URLs of target web application through web crawler and send the HTTP request with symbolic variable to the symbolic sensor embedded in the server. For the purpose of improving efficiency of symbolic execution, we adopt the single path concolic execution mode to collect path constraint and generate the exploit. We have applied this method to several known vulnerabilities on open source web applications. The results reveal that CRAXweb is a practical exploit generation tool supporting different web platforms, including PHP, C/C++, Perl, and Python.
20
Chia, Bernard, and 謝孟峰. "Web Forensic: Evidence of SQL Injection Attack Analysis." Thesis, 2014. http://ndltd.ncl.edu.tw/handle/81060912022228427261.
Full textAbstract:
碩士國立臺北大學
資訊工程學系
102
In the WEB 2.0 generation, web attack has become a common issue and is widely used by intruders to exploit and access a system without any authorization. According to a survey from OWASP (Open Web Application Security Project’s), SQL injection attack (SQLIA) is placed first in the OWASP 2013’s top 10 list of cyber threats that is faced by the web service. SQLIA is a technique of inserting SQL meta-characters and commands into web-based input fields to change the original meaning of the SQL queries in order to manipulate the execution of the malicious SQL queries to access the databases unauthorized. SQLIA cannot be detected by any firewall or antivirus because it involves only the injection of one or many meta-characters and hence do not contain any malicious. Hence, forensic analysis is performed to find out the evidence of an attack and this plays an important role to make a conclusion on an incident whether to prove or disprove an intruder’s guilt. In previous researches, there were three ways of performing a forensic analysis namely, simple statistical analysis, parsing capabilities matching and simple signature matching. Thus, a method is proposed by analyzing the URL attack request and decoding the request before analyzing the request with the rule set that is provided by PHPIDS and then cluster these attacks by calculating the distance between every cluster and assigns the distance to the cluster with the nearest centroid point. To find the pattern of the SQL injection to cluster these attacks, a method is proposed whereby the SQL keyword is extracted as a token set from the URL request and then this token set is analyzed based on the K-mean method to find the standard centroid to cluster these attacks.
21
Wu, Ching-Ju, and 吳靜茹. "A Defense against SQL Injection Attack through Validation on Input Legitimacy." Thesis, 2009. http://ndltd.ncl.edu.tw/handle/44317375982863901114.
Full textAbstract:
碩士中原大學
資訊工程研究所
97
The development of Web 2.0 brings in the prevalence of web application services based on database support. Along with the increasing interaction with database, web application service programs become complicate, which makes it difficult to guarantee that SQL query constructed using user input is safe to database. Therefore, an effective defense mechanism against SQL injection attack from malicious user is important to the safe use of the valuable content in the database. In this thesis, a novel defense scheme is proposed. Before a web application service program is put into work, a static analysis process is applied to determine the type of each user supplied parameter to be used in constructing SQL queries. Later, when a user input is received at web server at run time, a validation procedure is performed to determine the legitimacy of the input according to its type before it is delivered to corresponding application program to construct SQL query. In this way, the possibility of constructing illegal SQL queries is eliminated. The scheme focus on the input parameters directly related to SQL query construction, which makes it possible to follow SQL syntax precisely and allow atypical yet proper input value. The scheme also avoid the problem of leaking of information internal to the web application service since the validation procedure is performed at web server before user input is delivered to the corresponding application programs. The proposed scheme is transparent to both user and the program developer. It only requires administration effort to run the static analysis process on application programs and to install the validation module in web server to achieve the desired protection against SQL injection attacks.
22
Μπαλαφούτης, Χρήστος. "Μέθοδοι προστασίας ιστοσελίδων στο διαδίκτυο." Thesis, 2012. http://hdl.handle.net/10889/5584.
Full textAbstract:
Στην παρούσα διπλωματική εργασία παρουσιάζονται βασικές έννοιες και μέθοδοι για την ασφάλεια ιστοσελίδων και ιδιαίτερα των site με web application προσανατολισμό, χωρίς αυτό να σημαίνει ότι αρκετές τεχνικές προστασίας και σφάλματα που θα εντοπίσουμε δεν μπορούν να συναντηθούν και σε άλλου σκοπού ιστοσελίδες. Αρχικά, γίνεται αναφορά στο τι είναι μια εφαρμογή ιστού (web app) και ποια είναι τα στοιχεία που την αποτελούν. Στη συνέχεια, χρησιμοποιώντας έρευνες, παρουσιάζονται κάποιες από τις πιο “δημοφιλείς” επιθέσεις που γίνονται σε ιστοσελίδες και περιγράφεται πιο διεξοδικά ποια αδύνατα σημεία της δομής των ιστοσελίδων εκμεταλλεύονται. Παράλληλα, γίνεται αναφορά στο πως και με ποια εργαλεία μπορούμε να εντοπίσουμε και να κλείσουμε τα κενά ασφαλείας που τυχόν έχει μία εφαρμογή ιστού. Τέλος, παρουσιάζεται η εφαρμογή που αναπτύχθηκε στα πλαίσια της εργασίας με σκοπό να γίνει επίδειξη συγκεκριμένων επιθέσεων και σφαλμάτων που παρατηρούνται στο διαδίκτυο.In the following pages basic principals and methods are presented in order to secure websites and web applications. I begin by mentioning what is a web application. Moreover, by using statistics and recent researches from various sources i mention the most common web app attack methods and which vulnerabilities can be found in a web app and how to prevent exploiting, something we can accomplish by using various penetration testing tools. Finally, by using a basic web app some web attacks are shown so that it will become more clear how these attacks work.
23
Lee, An-Na, and 李安娜. "A Defense against Compositional SQL Injection Attack through Validation on Input Legitimacy." Thesis, 2011. http://ndltd.ncl.edu.tw/handle/97401110032725711181.
Full textAbstract:
碩士中原大學
資訊工程研究所
99
With Web2.0 as the dominant web service model, the majority of dynamic web services adopted the system structure with front end web application programs responsible for customized web page generation and back end database serving as data repository such that flexible and customizable dynamic services can be easily achieved. However, it comes with the price of the potential risk of SQL injection attacks which may lead to data theft or content destruction, even database crash. Filtering user inputs and blocking those from which SQL injection attack may be formed can prevent attacks from happening. Among the solutions adopting the input validation strategy, a two step input validation method consisting of performing static analysis on web applications for collecting input attribute information as well as applying dynamic analysis on run-time submitted user inputs according its attributes can provide adequate protection against SQL injection attack while preventing malicious user from obtaining error messages. However, a SQL command can be a product of a sequence of operations crossing multiple web application program boundaries, and a parameter in a SQL command can be the composition of multiple-inputs. In this thesis, we extended the original two-step input-validation method so that web applications with multiple page SQL command formulation as well as multi-input parameter can be protected. We devise an enhanced static analysis procedure to discover the composition sequence of multi-page-generated SQL command as well as the relation between user inputs and corresponding SQL parameters. We also proposed a modified dynamic analysis procedure to validate inputs according to the information obtained from the static analysis. A prototype system has been developed and tested. The result shows that our proposed enhanced two-step input-validation method can defend a web application against multi-page and multi-input SQL injection attacks.
24
Chen, Wei-Lin, and 陳威霖. "A Defense against Stored Procedure Compositional SQL Injection Attack through Validation on Input Legitimacy." Thesis, 2013. http://ndltd.ncl.edu.tw/handle/26361252040531115602.
Full textAbstract:
碩士中原大學
資訊工程研究所
101
SQL injection attacks may lead to data theft, content destruction, even database crash. Many defense mechanisms have been proposed to resolve explicit SQL injection attacks, where the attacks take advantage of the web application programs. However, defense against SQL injection attacks aiming at stored procedures provided by supporting database system have not been successfully addressed. In this study, we extend the input legitimacy validation method to SQL injection attack on stored procedures. Besides the web application program, the statics analysis is also performed on the stored procedures provided by database system to obtain knowledge on the relationships between user input parameters and the stored procedures. During on-line dynamic analysis phase, input parameters are verified according to the previously derived knowledge. If a potential SQL injection attack is detected, the user request will be rejected before forwarding to the web application programs. The proposed enhancement to the original method provides a more comprehensive defense on SQL injection attacks. Our method is transparent to users and web application program designers. It provides effective defense with no need to rewrite application programs.