WEB APPLICATION SQL INJECTION PREVENTER
Uploaded by: keerthie
Added: March 13, 2009
Category: Education
License: All Rights Reserved
Views: 1591
Favorites: 2

Presentation Description: It is a tool to avoid SQL injection, which got the 7th place in the top ten web hacking methods.

Presentation Transcript

WASP: WEB APPLICATION SQL INJECTION PREVENTER

SQL INJECTION ATTACK :
SQL injection vulnerabilities are caused by inadequate input validation. Successful SQLIAs can give attackers access to the databases that underlie Web applications.

SAMPLE SQLIA :
SELECT * FROM accountTable WHERE username = 'ADMIN'--' AND password = 'anything'

MAIN VARIANTS OF SQLIA :
Tautologies
Union Queries
Leveraging Stored Procedures
Piggybacked Queries
Malformed Queries
Inference
Alternate Encodings

EXISTING SYSTEM :
Defensive Coding Practices
Static Analyses
Traditional Tainting (or) Negative Tainting

DISADVANTAGES OF DEFENSIVE CODING :
It is difficult to implement.
It addresses only a subset of the possible attacks.
Retrofitting existing code is costly and complex.

DISADVANTAGES OF STATIC ANALYSES :
They generate high rates of false positives.
They cannot find vulnerabilities introduced at run time.
They are time consuming if conducted manually.

DISADVANTAGES OF TRADITIONAL TAINTING :
Incompleteness: incompleteness leads to false negatives, and may thus leave the application vulnerable to attacks.

PROPOSED SYSTEM :
Positive Tainting
Taint Propagation
Character Level Tainting
String Manipulation
Syntax-Aware Evaluation

POSITIVE TAINTING :
Taint marking is applied to the trusted data, i.e. the data that is already marked as trusted, e.g. SELECT, FROM, UNION. These keywords are said to be trusted data.

TAINT PROPAGATION :
We track taint information at the character level rather than at the string level, because SQL queries are constantly broken into substrings and then manipulated.

SYNTAX-AWARE EVALUATION :
The technique then iterates through the tokens and checks whether tokens (that is, substrings) other than literals contain only trusted data. If all such tokens pass this check, the query is considered safe and is allowed to execute.

ADVANTAGES :
Highly/fully automated
Faster and accurate
Minimal deployment requirements

Slide 16: Queries ?

Slide 17: Thank you
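The three mechanisms the slides describe (positive tainting of trusted query fragments, character-level taint propagation through concatenation and substring operations, and syntax-aware evaluation of the finished query) fit together in a small model. The Python below is an added example written for this page; it is not code from the WASP project or from the presentation. The TaintedStr class, the simplified SQL tokenizer and the build_login_query function are constructions for illustration, and the login query and the ADMIN'-- input are the ones from the SAMPLE SQLIA slide.

```python
import re
from dataclasses import dataclass


@dataclass
class TaintedStr:
    """A string carrying one trust flag per character (character-level tainting).

    Positive tainting: only strings the application itself hard-codes are
    created with trusted(); everything arriving from the user is untrusted().
    """
    text: str
    trust: list  # trust[i] is True when text[i] came from a trusted source

    @classmethod
    def trusted(cls, s: str) -> "TaintedStr":
        return cls(s, [True] * len(s))

    @classmethod
    def untrusted(cls, s: str) -> "TaintedStr":
        return cls(s, [False] * len(s))

    # Taint propagation: concatenation and substring operations keep the
    # per-character flags aligned with the characters they describe.
    def __add__(self, other: "TaintedStr") -> "TaintedStr":
        return TaintedStr(self.text + other.text, self.trust + other.trust)

    def __getitem__(self, idx) -> "TaintedStr":
        if isinstance(idx, slice):
            return TaintedStr(self.text[idx], self.trust[idx])
        return TaintedStr(self.text[idx], [self.trust[idx]])

    def strip(self) -> "TaintedStr":
        start = len(self.text) - len(self.text.lstrip())
        end = len(self.text.rstrip())
        return self[start:end]


# Simplified SQL tokenizer (a construction for this example, not a full SQL lexer).
# Alternation order matters: comments must be tried before the '-' operator.
TOKEN_RE = re.compile(r"""
    (?P<ws>\s+)
  | (?P<comment>--[^\n]*|/\*.*?\*/)
  | (?P<string>'(?:[^']|'')*')
  | (?P<number>\d+(?:\.\d+)?)
  | (?P<word>[A-Za-z_][A-Za-z0-9_]*)
  | (?P<op><=|>=|<>|!=|[=<>*,();.+\-/])
  | (?P<other>.)
""", re.VERBOSE | re.DOTALL)

LITERAL_KINDS = {"string", "number"}


def tokenize(text: str):
    """Yield (kind, start, end) for every non-whitespace token in text."""
    for m in TOKEN_RE.finditer(text):
        if m.lastgroup != "ws":
            yield m.lastgroup, m.start(), m.end()


def check_query(query: TaintedStr):
    """Syntax-aware evaluation.

    Every token other than a string or number literal must consist solely of
    trusted characters. Returns (allowed, list_of_offending_token_texts).
    """
    offending = []
    for kind, start, end in tokenize(query.text):
        if kind in LITERAL_KINDS:
            continue  # literal contents are where user data is allowed to appear
        if not all(query.trust[start:end]):
            offending.append(query.text[start:end])
    return (not offending, offending)


def build_login_query(username: str, password: str) -> TaintedStr:
    """Builds the slide's login query by string concatenation, as a vulnerable
    application would, but with the hard-coded SQL marked trusted and the two
    user-supplied values marked untrusted."""
    return (TaintedStr.trusted("SELECT * FROM accountTable WHERE username = '")
            + TaintedStr.untrusted(username).strip()
            + TaintedStr.trusted("' AND password = '")
            + TaintedStr.untrusted(password)
            + TaintedStr.trusted("'"))


if __name__ == "__main__":
    # Constructed inputs: a normal login and the slide's sample SQLIA.
    for user, pw in [("alice", "s3cret"), ("ADMIN'--", "anything")]:
        allowed, bad = check_query(build_login_query(user, pw))
        print(f"{user!r}: {'ALLOWED' if allowed else 'BLOCKED'} {bad}")
```

With the benign input every keyword, identifier and operator is trusted and the user data sits inside string literals, so the query is allowed. With the slide's ADMIN'-- input the comment token that swallows the password check is built from untrusted characters, so the check reports it and blocks the query; the same happens for a tautology such as ' OR 1=1 --, where the untrusted OR and = tokens are flagged. Note that a value like O''Brien is still accepted, because the doubled quote keeps it inside one string literal, which is exactly the distinction syntax-aware evaluation makes and a plain quote-character filter does not.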