Full Record


Title Runtime detection and prevention for Structure Query Language injection attacks
Degree PhD
Degree Level doctoral
University/Publisher De Montfort University
Abstract The use of Internet services and web applications has grown rapidly in response to user demand. At the same time, the number of web application vulnerabilities has increased as a result of mistakes made during development, where some developers gave security a lower priority than aspects such as application usability. An SQL (Structured Query Language) injection is a common vulnerability in web applications: it allows an attacker or unauthorised user to gain access to the web application's database and thereby damage the data or change the information held in it. This thesis proposes a new framework for the detection and prevention of new and common types of SQL injection attack. The programme of research is divided into several work packages. The first addresses the problem of web application security in general and SQL injection in particular, and discusses existing approaches; the remaining work packages follow a constructive research approach. The framework considers both existing and new SQL injection attacks. It consists of three checking components: the first checks the user input for existing attacks, the second checks for new types of attack, and the last blocks unexpected responses from the database engine. Additionally, our framework keeps track of an ongoing attack by recording and investigating user behaviour. The framework is based on the Anatempura tool, a runtime verification tool for Interval Temporal Logic (ITL) properties. Existing attacks and good/bad user behaviours are specified in Interval Temporal Logic, and new SQL injection attacks are detected by the database observer component. Moreover, this thesis discusses a case study in which various types of user behaviour are specified in Interval Temporal Logic and shows how these can be detected.
The implementation of each component is provided and explained in detail, showing the input, the output and the process of each component. Finally, the functionality of each checking component is evaluated using a case study; the user behaviour component is evaluated using sample attacks and normal user inputs. The thesis is summarised in the conclusion chapter, where the future work and the limitations are discussed. This research has made the following contributions:
• New framework for the detection and prevention of SQL injection attacks.
• Runtime detection: use of a runtime verification technique based on Interval Temporal Logic to detect various types of SQL injection attack.
• Database observer: detection of possible new injection attacks by monitoring database transactions.
• User behaviour: investigation of related SQL injection attacks using user input, providing early warning against SQL injection attacks.
Subjects/Keywords 005.1; SQL injection; Interval Temporal Logic; Runtime verification
Rights Full text available
Country of Publication uk
Record ID handle:2086/10076
Repository ethos
Date Indexed 2016-10-03
