Runtime monitors for tautology based SQL injection attacks


Increased usage of web applications in recent years has emphasized the need to achieve (i) confidentiality, (ii) integrity, and (iii) availability of web applications. Backend database being the main target for external attacks such as SQL Injection Attacks, there is an emerging need to handle such attacks to secure stored information. Pre-deployment testing alone does not ensure complete security and hence post-deployment monitoring of web applications during its interaction with the external world can help us to handle SQL Injection Attacks in a better way. In this paper, we present a framework which can be used to handle tautology based SQL Injection Attacks using post-deployment monitoring technique. Our framework uses two pre-deployment testing techniques i.e. basis path and data flow testing techniques to identify legal execution paths of the software. Runtime monitors are then developed and integrated to observe the behavior of the software for identified execution paths such that their violation will help to detect and prevent tautology based SQL Injection Attacks. © 2012 IEEE.

Publication Title

Proceedings 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic, CyberSec 2012