sqlFuzz: Directed Fuzzing for SQL Injection Vulnerability
Fuzz testing technology is an important approach to detecting SQL injection vulnerabilities. Among them, coverage-guided gray-box fuzz testing technology is the current research focus, and has been proved to be an effective method. However, for SQL injection vulnerability, coverage-guided gray-box f...
Saved in:
Published in: | Electronics (Basel) 2024-08, Vol.13 (15), p.2946 |
---|---|
Main authors: | Yuan, Ye; Lu, Yuliang; Zhu, Kailong; Huang, Hui; Chen, Yuanchao; Zhang, Yifan |
Format: | Article |
Language: | eng |
Subjects: | Analysis; Efficiency; Feedback; Mutation; Query languages; Seeds; Source code; Technology assessment; Web applications |
Online access: | Full text |
Field | Value |
---|---|
container_end_page | |
container_issue | 15 |
container_start_page | 2946 |
container_title | Electronics (Basel) |
container_volume | 13 |
creator | Yuan, Ye; Lu, Yuliang; Zhu, Kailong; Huang, Hui; Chen, Yuanchao; Zhang, Yifan |
description | Fuzz testing is an important approach to detecting SQL injection vulnerabilities. Among fuzzing techniques, coverage-guided gray-box fuzz testing is the current research focus and has been shown to be an effective method. However, for SQL injection vulnerabilities, coverage-guided gray-box fuzz testing as a detection method suffers from low efficiency and a high false-positive rate. To address these problems, we propose a gray-box fuzz testing technique guided by potentially vulnerable code. First, taint analysis is used to locate all taint propagation paths that contain potential vulnerabilities; these paths are treated as the potentially vulnerable code. Then, the application's source code is instrumented according to the location of the potentially vulnerable code. Finally, the feedback collected from seeds during execution is used to guide seed selection and seed mutation, generating a large number of test cases. Based on these techniques, we implement the sqlFuzz prototype system and use it to analyze eight modern PHP applications. The experimental results show that sqlFuzz not only detects more SQL injection vulnerabilities than existing coverage-guided gray-box fuzz testing, but also significantly improves efficiency, with time efficiency increased by 80 percent. |
doi_str_mv | 10.3390/electronics13152946 |
format | Article |
fulltext | fulltext |
identifier | ISSN: 2079-9292 |
ispartof | Electronics (Basel), 2024-08, Vol.13 (15), p.2946 |
issn | 2079-9292 |
language | eng |
recordid | cdi_proquest_journals_3090897900 |
source | Elektronische Zeitschriftenbibliothek - Frei zugängliche E-Journals; MDPI - Multidisciplinary Digital Publishing Institute |
subjects | Analysis; Efficiency; Feedback; Mutation; Query languages; Seeds; Source code; Technology assessment; Web applications |
title | sqlFuzz: Directed Fuzzing for SQL Injection Vulnerability |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-02T23%3A59%3A30IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-gale_proqu&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=sqlFuzz:%20Directed%20Fuzzing%20for%20SQL%20Injection%20Vulnerability&rft.jtitle=Electronics%20(Basel)&rft.au=Yuan,%20Ye&rft.date=2024-08-01&rft.volume=13&rft.issue=15&rft.spage=2946&rft.pages=2946-&rft.issn=2079-9292&rft.eissn=2079-9292&rft_id=info:doi/10.3390/electronics13152946&rft_dat=%3Cgale_proqu%3EA804512232%3C/gale_proqu%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=3090897900&rft_id=info:pmid/&rft_galeid=A804512232&rfr_iscdi=true |