Automatic Vulnerability Detection Algorithm for the SQL-Injection
Abstract
Attacks to web applications are a relatively new type of attack. If the web application does not filter incoming parameters properly, then attackers can get the opportunity to falsify the database using the form on the web page or by changing other incoming data. Mathematical modeling and identification of information objects play an important role in solving problems of pattern recognition. One of these tasks is to detect attacks or normal requests for web applications. Studies on the detection of attacks or normal requests for web applications began relatively recently. Nevertheless, there is a lot of research in this direction. Attack of the form of SQL-injection is a common way of hacking web applications that have a database. Our paper proposes a mathe-matical method for identifying SQL-injection attacks using a function bounded below that depends on the input string. To build such a function, we used special characters and keywords that are often found in the construction of attacks by intruders. In our proposed method, we can detect SQL-injection attacks using a single character. Nevertheless, we experimentally show that the proposed detection method using a set of numerous symbols allows us to determine the vulnerability of the form of SQL-injection more accurately. In the proposed method, we created a character set that combines both attack and normal detections, and the previously known threshold, using the approximate data of the attackers and normal strings. According to our experiments with artificial data, the set contains a space, a semicolon, and the right bracket has worked well for a larger weight range for the attack and the normal string.