SDriver: Location-specific signatures prevent SQL injection attacks
نویسندگان
چکیده
sql injection attacks involve the construction of application input data that will result in the execution of malicious sql statements. Many web applications are prone to sql injection attacks. This paper proposes a novel method for preventing this kind of attacks by placing a database driver proxy between the application and its underlying relational database management system. To detect an attack, the driver uses stripped-down sql queries and stack traces to create sql statement signatures that are then used to distinguish between injected and legitimate queries. The driver depends neither on the application nor on the rdbms and can be easily retrofitted to any system. We have developed a tool, sdriver, that implements our technique and tested it successfully on several web applications.
منابع مشابه
Countering Code Injection Attacks: A Unified Approach
Code injection exploits a software vulnerability through which a malicious user can make an application run unauthorized code. Server applications frequently employ dynamic and domain-specific languages, which are used as vectors for the attack. We propose a generic approach that prevents the class of injection attacks involving these vectors: our scheme detects attacks by using location-specif...
متن کاملCountering SQL Injection Attacks with a Database Driver
SQL injection attacks involve the construction of application input data that will result in the execution of malicious SQL statements. Many web applications today, are prone to SQL injection attacks. This paper proposes a novel methodology of preventing this kind of attacks by placing a secure database driver between the application and its underlying relational database management system. To ...
متن کاملpSigene: Webcrawling to Generalize SQL Injection Signatures
Intrusion detection systems (IDS) are an important component to effectively protect computer systems. Misuse detection is the most popular approach to detect intrusions, using a library of signatures to find attacks. The accuracy of the signatures is paramount for an effective IDS, still today’s practitioners rely on manual techniques to improve and update those signatures. We present a system,...
متن کاملA Novel Approach for SQL Injection Prevention Using Hashing & Encryption (SQL-ENCP)
SQL Injection Attack (SQLIA) is a technique that helps the attackers to direct enters into the database in an unauthorized way and reach the highest or most decisive point in extracting or updating sensitive information from any organizations database. In this paper, we studied the scenario of the different types of attacks with descriptions and examples of how attacks of that type could be per...
متن کاملAn Approach to Detect and Prevent SQL Injection Attacks in Database Using Web Service
SQL injection is an attack methodology that targets the data residing in a database through the firewall that shields it. The attack takes advantage of poor input validation in code and website administration. SQL Injection Attacks occur when an attacker is able to insert a series of SQL statements in to a ‘query’ by manipulating user input data in to a web-based application, attacker can take ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Computers & Security
دوره 28 شماره
صفحات -
تاریخ انتشار 2009