Introduction
In general, web applications are real-time applications that include online sales, online auctions, online banking, online stock forecasting and so on. These applications have to be deployed with a high degree of reliability, confidentiality and efficiency. As these applications are vulnerable to various kinds of attacks, protecting them is essential (Balasundaram and Ramaraj, 2012). OWASP's Top 10 most critical web application security risks are: Injection, Broken Authentication and Session Management, Cross-Site Scripting (XSS), Insecure Direct Object References, Security Misconfiguration, Sensitive Data Exposure, Missing Function Level Access Control, etc. (OWASP Report, 2017).
Many web-based applications use a two-tier or three-tier architecture, in which business information or crucial customer-related information is stored in back-end databases. The Structured Query Language (SQL) is used to communicate with such back-end databases to store, process and update the information.
Attackers or intruders generally target the SQL statements present in the server-side code of the web application and inject malicious input into them along with the dynamic user input. This helps them to access and retrieve the crucial information stored in these databases without the knowledge of the users of the website or even its administrators. This type of attack, called an SQL Injection Attack (SQLIA), allows intruders to retrieve information from the back-end databases directly. Depending on the security measures of the application, the risk of an SQL injection attack can vary from remote code execution and total system compromise to basic information disclosure (Tajpour et al., 2011).
According to a Teska Labs report (2016), today's malicious hackers have an average of 312 days to exploit "zero-day" computer software flaws before human cyber security experts can find and fix these flaws. Due to the severity of such attacks, several researchers have proposed different approaches to reduce their impact for secured online transactions. Based on the literature review, it has been identified that most of the existing works use static code analysis techniques with some persistent storage that holds different attack types for evaluating the vulnerabilities of user inputs. However, as this storage exposes the back-end tables to second-order attacks by intruders, again by means of SQL injection, the existing works are proven to be error-prone. Some of the dynamic execution-based analysis techniques depend on mutation-based analysis, which requires a huge amount of storage space to store different versions of the queries for each kind of attack, and also requires higher execution time to execute both the mutated queries and the actual queries in order to compare their results.
The vulnerability and severity level of SQLIAs, and the insights gained into the problems of the existing works, have been the motivation behind this research work: to find an alternative mechanism that prevents SQLIAs, is not subject to second-order attacks, and consumes less time.
Hence, the objective of this research work is twofold: (1) to identify the potential SQL queries that are vulnerable to attack and (2) to provide an alternative mechanism to rewrite them in order to prevent SQLIAs, using an intelligent agent with a heuristic-guided graph searching technique.