New Approach for Detecting SQL Injection Vulnerability in Web application
| dc.contributor.author | BOUDRAA, YOUNES | |
| dc.date.accessioned | 2019-07-23T10:24:32Z | |
| dc.date.available | 2019-07-23T10:24:32Z | |
| dc.date.issued | 2019 | |
| dc.description.abstract | Web applications vulnerabilities allow attackers to perform malicious actions that range from gaining unauthorised access to obtaining sensitive data. Improper input validation and sanitization are the common reason for most of them. SQL injection attack (SQLIA) is the more famous attack based on improper input validation and sanitization. To mitigate the problem we propose a new approach in developing a reliable automatic black box testing scanner for detecting SQL injection vulnerability SQLIVD (SQL injection vulnerability Detector). Our SQLiV detection approach is based on rejection page and on structural similarity algorithms to calculate the structural similarity between rejection page and its corresponding injection page ; our proposed approach able to minimize the false positive and false negative detection rate. The proposed scanner proved the effectiveness of our approach compared to the most popular web application scanners in the field. | en_US |
| dc.identifier.uri | http://dspace.univ-msila.dz:8080//xmlui/handle/123456789/15701 | |
| dc.language.iso | en | en_US |
| dc.publisher | UNIVERSITY MOHAMED BOUDIAF - M’SILA FACULTY OF MATHEMATICS AND COMPUTER SCIENCE COMPUTER SCIENCE DEPARTMENT - Specialty: networks and information and communication technology | en_US |
| dc.subject | black box testing, SQL injection, structural similarity algorithm, false positive, false negative | en_US |
| dc.title | New Approach for Detecting SQL Injection Vulnerability in Web application | en_US |
| dc.type | Thesis | en_US |