MATHEMATICAL MODEL FOR TESTING SQL INJECTION VULNERABILITY TECHNOLOGY

Authors

  • O. Kovalenko

DOI:

https://doi.org/10.26906/SUNZ.2019.6.043

Keywords:

SQL Injection Vulnerability, GERT-networks, security vulnerabilities, testing algorithms, mathematical testing model

Abstract

The paper presents the results of a study of algorithms for testing vulnerability to SQL injection, one of the most common types of attack against Web-based applications. Based on an analysis of the methodology for testing Web applications for DOM XSS vulnerabilities and on the materials of the Open Web Application Security Project, an algorithm for analyzing the vulnerability of Web applications to SQL injection has been developed. A distinctive feature of this algorithm is that it considers only vulnerabilities present in GET URL parameters and uses only blind SQL injection that relies on Boolean operators in SQL queries (Boolean blind SQL injection). Based on the presented algorithm, a GERT model of a technology for testing vulnerability to SQL injection was developed, in which the nodes of the graph are interpreted as the states of the computer system during testing and the branches of the graph as the probabilistic-temporal characteristics of transitions between states. Thus, on the basis of an exponential GERT network, a mathematical model of the technology for testing SQL injection vulnerability was developed, which differs from known technologies by an improved method for determining the distance between injection results. The use of the Jaro-Winkler criterion in the proposed method for comparing the results of SQL code injection, together with the introduction of a threshold value, will improve the accuracy of software security testing results. An example of an SQL injection attack, the essence of which is the introduction of arbitrary SQL code into data (transmitted via GET, POST or Cookie values), is considered. Graphs were constructed whose curves suggest that not all of the solutions found are applicable as input data in mathematical and simulation modeling. At the same time, the shape of the graphs obtained for other values suggests that the random execution time of the technology for testing vulnerability to SQL injection follows a gamma distribution (close to exponential). This hypothesis is tested using Pearson's χ² criterion.
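
The comparison step named in the abstract (Jaro-Winkler similarity between injection results, judged against a threshold), sketched as an added example that is not code from the paper. The threshold value, the function names and the response bodies are assumptions constructed for illustration; the abstract does not give them.

```python
# Added illustration, not code from the paper. THRESHOLD and the sample
# response bodies are constructed assumptions.

def jaro(s1: str, s2: str) -> float:
    """Jaro similarity in [0, 1]."""
    if s1 == s2:
        return 1.0
    if not s1 or not s2:
        return 0.0
    window = max(max(len(s1), len(s2)) // 2 - 1, 0)
    used = [False] * len(s2)
    matched1 = []
    for i, ch in enumerate(s1):
        for j in range(max(0, i - window), min(len(s2), i + window + 1)):
            if not used[j] and s2[j] == ch:
                used[j] = True
                matched1.append(ch)
                break
    m = len(matched1)
    if m == 0:
        return 0.0
    matched2 = [c for c, u in zip(s2, used) if u]
    t = sum(a != b for a, b in zip(matched1, matched2)) // 2  # transpositions
    return (m / len(s1) + m / len(s2) + (m - t) / m) / 3

def jaro_winkler(s1: str, s2: str, p: float = 0.1) -> float:
    """Jaro similarity boosted for a common prefix of up to 4 characters."""
    sim = jaro(s1, s2)
    prefix = 0
    for a, b in zip(s1[:4], s2[:4]):
        if a != b:
            break
        prefix += 1
    return sim + prefix * p * (1 - sim)

THRESHOLD = 0.95  # assumed value; the abstract does not state one

def same_page(a: str, b: str, threshold: float = THRESHOLD) -> bool:
    return jaro_winkler(a, b) >= threshold

def boolean_blind_suspected(baseline: str, resp_true: str, resp_false: str) -> bool:
    """Flag a parameter when the always-true response matches the baseline
    and the always-false response does not (assumed decision rule)."""
    return same_page(baseline, resp_true) and not same_page(baseline, resp_false)

# Constructed response bodies: the first two differ only in a per-request counter.
BASELINE = "<html><body><h2>Widget</h2><p>In stock</p><small>t=5</small></body></html>"
RESP_TRUE = "<html><body><h2>Widget</h2><p>In stock</p><small>t=6</small></body></html>"
RESP_FALSE = "<html><body><h2>Not found</h2></body></html>"
```

Exact string equality would treat `BASELINE` and `RESP_TRUE` as different pages because of the counter; the similarity threshold groups them while still separating `RESP_FALSE`.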

Published

2019-12-28