Proceedings Article

AMNESIA: analysis and monitoring for NEutralizing SQL-injection attacks

TL;DR
A new technique that uses a model-based approach to detect illegal SQL queries before they are executed on the database; in an evaluation on seven web applications it stopped all attempted attacks without generating any false positives.
Abstract
The use of web applications has become increasingly popular in our routine activities, such as reading the news, paying bills, and shopping on-line. As the availability of these services grows, we are witnessing an increase in the number and sophistication of attacks that target them. In particular, SQL injection, a class of code-injection attacks in which specially crafted input strings result in illegal queries to a database, has become one of the most serious threats to web applications. In this paper we present and evaluate a new technique for detecting and preventing SQL injection attacks. Our technique uses a model-based approach to detect illegal queries before they are executed on the database. In its static part, the technique uses program analysis to automatically build a model of the legitimate queries that could be generated by the application. In its dynamic part, the technique uses runtime monitoring to inspect the dynamically-generated queries and check them against the statically-built model. We developed a tool, AMNESIA, that implements our technique and used the tool to evaluate the technique on seven web applications. In the evaluation we targeted the subject applications with a large number of both legitimate and malicious inputs and measured how many attacks our technique detected and prevented. The results of the study show that our technique was able to stop all of the attempted attacks without generating any false positives.


Citations

A Classification of SQL-Injection Attacks and Countermeasures

TL;DR: An extensive review of the different types of SQL injection attacks known to date is presented, including descriptions and examples of how attacks of each type could be performed, together with existing detection and prevention techniques against SQL injection.

The essence of command injection attacks in web applications (Proceedings Article)

TL;DR: This paper presents the first formal definition of command injection attacks in the context of web applications, and gives a sound and complete algorithm for preventing them based on context-free grammars and compiler parsing techniques.

A Comprehensive Study of Security of Internet-of-Things (Journal Article)

TL;DR: This survey attempts to provide a comprehensive list of vulnerabilities and countermeasures against them on the edge-side layer of IoT, which consists of three levels: (i) edge nodes, (ii) communication, and (iii) edge computing.

Review of Internet of Things (IoT) in Electric Power and Energy Systems (Journal Article)

TL;DR: An assessment of the role, impact and challenges of IoT in transforming EPESs is provided, and several opportunities for growth and development are offered.

Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications (Proceedings Article)

TL;DR: This paper combines static and dynamic analysis techniques to identify faulty sanitization procedures that can be bypassed by an attacker, and is able to identify several novel vulnerabilities that stem from erroneous sanitization procedures.
Summary

The paper presents a technique, implemented in a tool called AMNESIA, for detecting and preventing SQL injection attacks in web applications. The technique uses a model-based approach: program analysis statically builds a model of the legitimate queries an application can generate, and runtime monitoring checks each dynamically generated query against that model before it reaches the database. The evaluation of the technique on seven web applications showed that it detected and prevented all attempted attacks without generating any false positives.