Diglossia: Detecting code injection attacks with precision and efficiency

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2013, Pages 1181-1191

  Son, Sooel ^a   McKinley, Kathryn S ^a   Shmatikov, Vitaly ^a  

^a UNIVERSITY OF TEXAS AT AUSTIN   (United States)

Author keywords

code injection; dynamic analysis; nosql injection; sql injection; taint tracking; web application security

Indexed keywords

CODE INJECTION; CODE INJECTION ATTACKS; DESIGN AND IMPLEMENTATIONS; EXECUTABLE PROGRAMS; SQL INJECTION; SQL INJECTION ATTACKS; TECHNICAL INNOVATION; WEB APPLICATION SECURITY;

APPLICATION PROGRAMS; APPLICATIONS; DYNAMIC ANALYSIS; NETWORK SECURITY; WORLD WIDE WEB;

MICROPROCESSOR CHIPS;

EID: 84889055562     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2508859.2516696     Document Type: Conference Paper

References (26)

1. S. Bandhakavi, P. Bisht, P. Madhusudan, and V. N. Venkatakrishnan. CANDID: Preventing SQL injection attacks using dynamic candidate evaluations. In CCS, 2007.
2. S. Boyd and A. Keromytis. SQLrand: Preventing SQL injection attacks. In ACNS, 2004.
3. E. Chin and D. Wagner. Efficient character-level taint tracking for Java. In SWS, 2009.
4. CVE Details. http://www.cvedetails.com/vulnerabilities-by-types.php.
5. W. Halfond, A. Orso, and P. Manolios. Using positive tainting and syntax-aware evaluation to counter SQL injection attacks. In FSE, 2006.
6. N. Jovanovic, C. Kruegel, and E. Kirda. Pixy: A static analysis tool for detecting Web application vulnerabilities. In S&P, 2006.
7. A. Kieżun, P. Guo, K. Jayaraman, and M. Ernst. Automatic creation of SQL injection and cross-site scripting attacks. In ICSE, 2009.
8. A. Liu, Y. Yuan, D. Wijesekera, and A. Stavrou. SQLProb: A proxy-based architecture towards preventing SQL injection attacks. In SAC, 2009.
9. V. Livshits and M. Lam. Finding security vulnerabilities in Java applications with static analysis. In USENIX Security, 2005.
10. mongoDB production deployments. http://www.mongodb.org/about/production- deployments/.
11. R. Mui and P. Frankl. Preventing web application injections with complementary character coding. In ESORICS, 2011.
12. My Youtube My BB Plugin 1.0 SQL Injection. http://www.exploit-db.com/ exploits/23353.
13. A. Nguyen-Tuong, S. Guarnieri, D. Greene, and D. Evans. Automatically hardening Web applications using precise tainting. In SEC, 2005.
14. NoSQL. http://nosql-database.org/.
15. NoSQL injection attack on Diaspora. http://www.kalzumeus.com/2010/09/22/ security-lessons-learned-from-the-diaspora-launch/.
16. T. Pietraszek and C. Berghe. Defending against injection attacks through context-sensitive string evaluation. In RAID, 2006.
17. D. Ray and J. Ligatti. Defining code-injection attacks. In POPL, 2012.
18. R. Sekar. An efficient black-box technique for defeating Web application attacks. In NDSS, 2009.
19. S. Son and V. Shmatikov. SAFERPHP: Finding semantic vulnerabilities in PHP applications. In PLAS, 2011.
20. Z. Su and G. Wassermann. The essence of command injection attacks in Web applications. In POPL, 2006.
21. B. Sullivan. Server-side JavaScript injection. http://media.blackhat.com/ bh-us-11/Sullivan/BH-US-11-Sullivan-Server-Side-WP.pdf, 2011.
22. The BNF grammar for SQL-99. http://savage.net.au/SQL/.
23. J. Vijayan. TJX data breach: At 45.6M card numbers, it's the biggest ever. http://www.computerworld.com/s/article/9014782/TJX-data-breach-At-45.6M- card-numbers-it-s-the-biggest-ever, 2007.
24. G. Wassermann and Z. Su. Sound and precise analysis of Web applications for injection vulnerabilities. In PLDI, 2007.
25. WhiteHat website security statistics report. https://www.whitehatsec.com/ resource/stats.html, 2012.
26. W. Xu, S. Bhatkar, and R. Sekar. Taint-enhanced policy enforcement: A practical approach to defeat a wide range of attacks. In USENIX Security, 2006.