Abstract
SQL injection poses a major threat to the application level security of the database and there is no systematic solution to these attacks. Different from traditional run time security strategies such as IDS and firewall, this paper focuses on the solution at the outset; it presents a method to find vulnerabilities by analyzing the source codes. The concept of validated tree is developed to track variables referenced by database operations in scripts. By checking whether these variables are influenced by outside inputs, the database operations are proved to be secure or not. This method has advantages of high accuracy and efficiency as well as low costs, and it is universal to any type of web application platforms. It is implemented by the software code vulnerabilities of SQL injection detector (CVSID). The validity and efficiency are demonstrated with an example.
Similar content being viewed by others
References
Buehrer G, Weide B W, Sivilotti P A G. Using parse tree validation to prevent SQL injection attacks. In: Proceedings of the 5th International Workshop on Software Engineering and Middleware. New York, NY: ACM, 2005, 106–113
Wassermann G, Su Z. An Analysis Framework for Security in Web Applications. In: Proceedings of the Workshop on Specification and Verification of Component-Based Systems, 2004
Fosdick L D, Osterweil L J. Data Flow analysis in software reliability. Computing Surveys, 1976, 8(3): 305–330
Gustafsson J, Lisper B, Sandberg C, et al. A tool for automatic flow analysis of C-programs for WCET calculation. In: Proceedings of the Eighth International Workshop on Object-Oriented Real-Time Dependable Systems. IEEE Press, 2003, 106–112
Shankar U, Talwar K, Foster J S, et al. Detecting Format String Vulnerabilities with Type Qualifiers. In: Proceedings of the 10th USENIX Security Symposium, 2001
Walker D. A type system for expressive security policies. In: Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages. New York, NY: ACM, 2000, 254–267
Huang Y W, Fang Y, Hang C, et al. Verifying web applications using bounded model checking. In: Proceedings of the 2004 International Conference on Dependable Systems and Networks, 2004, 199–208
Pietraszek T, Berge C V. Defending against injection attacks through context-sensitive string evaluation. In: Proceedings of Recent Advances in Intrusion Detection (RAID), 2005, 124–145
Author information
Authors and Affiliations
Corresponding author
Additional information
__________
Translated from Journal of Xi’an Jiaotong University, 2007, 41(4): 439–443 [译自: 西安交通大学学报]
About this article
Cite this article
Zhang, Z., Zheng, Q., Guan, X. et al. A method for detecting code security vulnerability based on variables tracking with validated-tree. Front. Electr. Electron. Eng. Ch 3, 162–166 (2008). https://doi.org/10.1007/s11460-008-0047-x
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11460-008-0047-x