Sania: Syntactic and semantic analysis for automated testing against SQL injection

Yuji Kosuga, Kenji Kono, Miyuki Hanaoka, Miho Hishiyama, Yu Takahama

Research output: Chapter in Book/Report/Conference proceedingConference contribution

64 Citations (Scopus)

Abstract

With the recent rapid increase in interactive web applications that employ back-end database services, an SQL injection attack has become one of the most serious security threats. The SQL injection attack allows an attacker to access the underlying database, execute arbitrary commands at intent, and receive a dynamically generated output, such as HTML web pages. In this paper, we present our technique, Sania, for detecting SQL injection vulnerabilities in web applications during the development and debugging phases. Sania intercepts the SQL queries between a web application and a database, and automatically generates elaborate attacks according to the syntax and semantics of the potentially vulnerable spots in the SQL queries. In addition, Sania compares the parse trees of the intended SQL query and those resulting after an attack to assess the safety of these spots. We evaluated our technique using real-world web applications and found that our solution is efficient in comparison with a popular web application vulnerabilities scanner. We also found vulnerability in a product that was just about to be released.

Original languageEnglish
Title of host publicationProceedings - 23rd Annual Computer Security Applications Conference, ACSAC 2007
Pages107-116
Number of pages10
DOIs
Publication statusPublished - 2007 Dec 1
Event23rd Annual Computer Security Applications Conference, ACSAC 2007 - Miami Beach, FL, United States
Duration: 2007 Dec 102007 Dec 14

Publication series

NameProceedings - Annual Computer Security Applications Conference, ACSAC
ISSN (Print)1063-9527

Other

Other23rd Annual Computer Security Applications Conference, ACSAC 2007
CountryUnited States
CityMiami Beach, FL
Period07/12/1007/12/14

ASJC Scopus subject areas

  • Software
  • Engineering(all)

Fingerprint Dive into the research topics of 'Sania: Syntactic and semantic analysis for automated testing against SQL injection'. Together they form a unique fingerprint.

  • Cite this

    Kosuga, Y., Kono, K., Hanaoka, M., Hishiyama, M., & Takahama, Y. (2007). Sania: Syntactic and semantic analysis for automated testing against SQL injection. In Proceedings - 23rd Annual Computer Security Applications Conference, ACSAC 2007 (pp. 107-116). [4412981] (Proceedings - Annual Computer Security Applications Conference, ACSAC). https://doi.org/10.1109/ACSAC.2007.20