Professional Documents
Culture Documents
!
"#
!
$
%&
'
|
1.Introduction
Web Security
Nowadays many activities are done by dynamic web
application. The private information must be kept
secret and confidentiality and integrity of them must
be provided by developer of web application but
unfortunately there is no any guarantee for preserving
the underlying databases from current attacks.
¦
Web Security
95% of web apps have vulnerabilities
rross--site
£ rross scripting (80%)
£ SQL injection (62 %)
£ Parameter tampering (60 %)
£ rookie poisoning (37 %)
£ Database server (33 %)
£ Web server (23 %)
£ Buffer overflow (19 %)
^
6WASP( 6pen Web Application Security Project )
Top 10 Web Application Security
Vulnerabilities
1. Invalidated input
2. Broken access control
3. Broken account/session management
4. rross--site scripting (XSS) flaws
rross
5. Buffer overflows
6. Injection flaws
7. Improper error handling
8. Insecure storage
9. Denial--of-
Denial of-service
10. Insecure configuration management
u
The Pre-
Pre-Thesis work is organized as
follows
£ Section 2 :Definition
:Definition of SQL Injection Attack
through an example.
£ Section 3 :Different
:Different SQLI Attack types.
£ Section 4 :Second
:Second Order Code Injection Attack
£ Section 5 :Review
:Review current techniques against SQLI.
£ Section 6 :Evaluate
:Evaluate SQL Injection Detection or/and
Prevention approaches against SQLIAs.
£ Section 7: ronclusion and Future Work
£ Section 8: References
D
£ Section 2 :Definition
:Definition of SQL Injection Attack
[
SQL Injection Attack
è
What is a SQL Injection Attack?
£ pany web applications take user input from a
form
£ 6ften this user input is used literally in the
construction of a SQL query submitted to a
database. For example:
± SELErT productdata FR6p table WHERE
productname = µV
µV V V
V V
£ A SQL injection attack involves placing SQL
statements in the user input
An Example SQL Injection Attack
||
SQL INJErTI6N ATTArK TYPES
There are different methods of attacks that depending on the goal of attacker
are performed together or sequentially.
|¦
SQL INJErTI6N ATTArK TYPES
rontd«
u Stored rocedure: Stored procedure is a part of database that
programmer could set an extra abstraction layer on the
database.
6 Inference: By this type of attack, intruders change the behavior
of a database or application.
(a) blind injection: stealing data by asking a series of True
False questions through SQL statements
(b) timing attacks. by observing timing delays in the database's
responses.
7 Alternate Encodings: modify the injection query by using
alternate encoding, such as hexadecimal, ASrII, and Unicode.
Because by this way they can escape from developer's filter
which scan input queries for special known "bad character".
|
£ Section 4: Second 6rder rode Injection Attack
|^
Second 6rder rode Injection Attack
|u
rategorizing Second-6rder rode Insertion
|D
rategorizing Second-6rder rode Insertion
|[
rategorizing Second-6rder rode Insertion
|è
rategorizing Second-6rder rode Insertion
|
rategorizing Second-6rder rode Insertion
¦
£ Section 5: Review rurrent Techniques against
SQLI
¦|
rode Injection Attack:
Detection And Prevention Techniques
¦
Evaluation
¦^
Proposed techniques were compared to assess whether it
was capable of addressing the different attack types
presented in Section III.
¦u
Table 2 illustrates the addressing percentage of SQL Injection attacks among
SQL Injection detection or prevention techniques. The percentage of
techniques that stop Tautology is calculated using this formula:
¦D
£ Section 7: ronclusion and Future Work
¦[
ronclusion and Future Work
¦è
£ank You!!!
¦