Defining code-injection attacks
Citations Over TimeTop 10% of 2012 papers
Abstract
This paper shows that existing definitions of code-injection attacks (e.g., SQL-injection attacks) are flawed. The flaws make it possible for attackers to circumvent existing mechanisms, by supplying code-injecting inputs that are not recognized as such. The flaws also make it possible for benign inputs to be treated as attacks. After describing these flaws in conventional definitions of code-injection attacks, this paper proposes a new definition, which is based on whether the symbols input to an application get used as (normal-form) values in the application's output. Because values are already fully evaluated, they cannot be considered "code" when injected. This simple new definition of code-injection attacks avoids the problems of existing definitions, improves our understanding of how and when such attacks occur, and enables us to evaluate the effectiveness of mechanisms for mitigating such attacks.
Related Papers
- All About SQL Injection Attacks(2018)
- → SQLIADP: A Novel Framework to Detect and Prevent SQL Injection Attacks(2019)2 cited
- An Overview to SQL Injection Attacks and its Countermeasures(2014)
- → A detection model for SQL injection attack(2015)1 cited
- Attack Analysis and Prevention of SQL Injection(2013)