Formal analysis of vulnerabilities of web applications based on SQL injection

Abstract

We present a formal approach for the analysis of attacks that exploit SQLi to violate security properties of web applications. We give a formal representation of web applications and databases, and show that our formalization effectively exploits SQLi attacks. We implemented our approach in a prototype tool called SQLfast and we show its efficiency on four real-world case studies, including the discovery of an attack on Joomla! that no other tool can find.

Cite

De Meo, F., Rocchetto, M., & Viganò, L. (2016). Formal analysis of vulnerabilities of web applications based on SQL injection. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9871 LNCS, pp. 179–195). Springer Verlag. https://doi.org/10.1007/978-3-319-46598-2_13
