Automated Fix Generator for SQL Injection Attacks

14 years 5 months ago

Download www.cs.virginia.edu

A critical problem facing today’s internet community is the increasing number of attacks exploiting flaws found in Web applications. This paper specifically targets input validation vulnerabilities found in SQL queries that may lead to SQL Injection Attacks (SQLIAs). We introduce a tool that automatically detects and suggests fixes to SQL queries that are found to contain SQL Injection Vulnerabilities (SQLIVs). Testing was performed against phpBB v2.0, an open source forum package, to determine the accuracy and efficacy of our software.

Fred Dysart, Mark Sherriff

Real-time Traffic

ISSRE 2008 | Software Engineering | SQL Injection | SQL Injection Vulnerabilities | SQL Queries |

claim paper

Post Info
More Details (n/a)

Added	31 May 2010
Updated	31 May 2010
Type	Conference
Year	2008
Where	ISSRE
Authors	Fred Dysart, Mark Sherriff

Comments (0)

Sciweavers

Automated Fix Generator for SQL Injection Attacks

ISSRE 2008 | Software Engineering | SQL Injection | SQL Injection Vulnerabilities | SQL Queries |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers