Search-Based SQL Injection Attacks Testing Using Genetic Programming

, &
Lecture Notes in Computer Science 9594 (March):183–198 (2016)
  Copy   BIBTEX

Abstract

Software testing is a key phase of many development methodologies as it provides a natural opportunity for integrating security early in the software development lifecycle. However despite the known importance of software testing, this phase is often overlooked as it is quite difficult and labour-intensive to obtain test datasets to effectively test an application. This lack of adequate automatic software testing renders software applications vulnerable to malicious attacks after they are deployed as detected software vulnerabilities start having an impact during the production phase. Among such attacks are SQL injection attacks. Exploitation of SQL injection vulnerabilities by malicious programs could result in severe consequences such as breaches of confidentiality and false authentication. We present in this paper a search-based software testing technique to detect SQL injection vulnerabilities in software applications. This approach uses genetic programming as a means of generating our test datasets, which are then used to test applications for SQL injection-based vulnerabilities.

Categories

Add categories

Keywords

Reprint years

ISBN(s)

9783319306674

Other Versions

No versions found

Links

PhilArchive



    Upload a copy of this work     Papers currently archived: 101,139

External links

  • This entry has no external links. Add one.
Setup an account with your affiliations in order to access resources via your University's proxy server

Through your library

My notes

Similar books and articles

Automatic Generation and Optimization of Test case using Hybrid Cuckoo Search and Bee Colony Algorithm.T. V. SureshKumar & P. Lakshminarayana - 2020 - Journal of Intelligent Systems 30 (1):59-72.
Mathematical model for a temporal-bounded classifier in security environments.Juan F. de Paz, Martín Navarro, Cristian I. Pinzón, Vicente Julián & Dante I. Tapia - 2012 - Logic Journal of the IGPL 20 (4):712-721.
Automated Test Data Generation Using Cuckoo Search and Tabu Search (CSTS) Algorithm.Suhas Santebennur Ranganatha, Sanjay Kumar, Shobhit Khandelwal, Rahul Khandelwal & Praveen Ranjan Srivastava - 2012 - Journal of Intelligent Systems 21 (2):195-224.
Agents of responsibility in software vulnerability processes.Ari Takanen, Petri Vuorijärvi, Marko Laakso & Juha Röning - 2004 - Ethics and Information Technology 6 (2):93-110.
The Problem of Meaning: Behavioral and Cognitive Perspectives.Charlotte Mandell & Allyssa McCabe - 1997 - North-Holland.
Real-Life Applications Based on Knowledge Technology-Attribute Reduction Based Expected Outputs Generation for Statistical Software Testing.Mao Ye, Boqin Feng, Li Zhu & Yao Lin - 2006 - In O. Stock & M. Schaerf (eds.), Lecture Notes In Computer Science. Springer Verlag. pp. 786-791.
Penetration Testing: A Hands-On Introduction to Hacking vol. 1.Georgia Weidman - 2014 - No Starch Press.
Quality management practices in software industry: An overview of framework followed for software quality management.Karuna Devi Mishra & S. K. Sudarsanam - unknown
The Problem of Justification of Empirical Hypotheses in Software Testing.Nicola Angius - 2014 - Philosophy and Technology 27 (3):423-439.
Quality management practices in software industry: An overview of framework followed for software quality management.Dr Karuna Devi Mishra & S. K. Dr Sudarsanam - unknown

Analytics

Added to PP
2023-09-18

Downloads
0

6 months
0

Historical graph of downloads

Sorry, there are not enough data points to plot this chart.
How can I increase my downloads?

Citations of this work

No citations found.

Add more citations

References found in this work

No references found.

Add more references