Behind an Application Firewall, Are We Safe from SQL Injection Attacks?

Author(s): Dennis Appelt, Cu D. Nguyen, Lionel Briand
Venue: 2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST)
Date: 2015

Type of Experiment: Controlled Experiment
Sample Size: 3
Class/Experience Level: Professional
Participant Selection: Used different systems for testing, based on the most widely accepted systems
Data Collection Method: Code Metric


This paper highlights the need for a better system to protect web services against SQL Injection and Cross Site Scripting. The authors express their frustration with traditional testing techniques for guarding against these attacks because of how much time it takes to generate test cases (and how few new test cases the by-hand method produces). They determined that a machine learning technique could produce more and better test cases, so that a system can be tested accurately and its vulnerabilities identified faster.

The two main conclusions from this paper are the context-free grammar the authors wrote to define the structure of a SQL Injection attack and the results of the machine learning approach to creating test cases. The grammar is useful to those trying to write test cases to test their own system against vulnerabilities, especially if a tester is trying to implement some sort of ML approach. The authors then proved that by using machine learning, they could generate more unique test cases that penetrated a system. Being able to identify more bugs in a web system is very useful, and with their approach testers can do a better job of identifying problem areas.