A Defense against SQL Injection Attack through Validation on Input Legitimacy

Master's thesis, Chung Yuan Christian University, Graduate Institute of Information Engineering, academic year 97.

Bibliographic Details
Main Authors: Ching-Ju Wu, 吳靜茹
Other Authors: Hsiao-Rong Tyan
Format: Others
Language: zh-TW
Published: 2009
Online Access: http://ndltd.ncl.edu.tw/handle/44317375982863901114
Original title: 以合理輸入值驗證為基礎之SQL指令植入式攻擊防禦

Abstract

The development of Web 2.0 has brought about the prevalence of web application services built on database support. As interaction with the database increases, web application service programs become complicated, which makes it difficult to guarantee that a SQL query constructed from user input is safe for the database. An effective defense mechanism against SQL injection attacks by malicious users is therefore important to the safe use of the valuable content in the database. In this thesis, a novel defense scheme is proposed. Before a web application service program is put into operation, a static analysis process is applied to determine the type of each user-supplied parameter used in constructing SQL queries. Later, when a user input is received at the web server at run time, a validation procedure determines the legitimacy of the input according to its type before the input is delivered to the corresponding application program to construct the SQL query. In this way, the possibility of constructing illegal SQL queries is eliminated. The scheme focuses on the input parameters directly related to SQL query construction, which makes it possible to follow SQL syntax precisely and to allow atypical yet proper input values. The scheme also avoids leaking information internal to the web application service, since the validation procedure is performed at the web server before user input is delivered to the corresponding application programs. The proposed scheme is transparent to both the user and the program developer. It only requires administrative effort to run the static analysis process on the application programs and to install the validation module in the web server to achieve the desired protection against SQL injection attacks.