Revisión Sistemática de Literatura: Inyección SQL en Aplicaciones web

SQL injection is a security vulnerability that affects web applications. This occurs when a SQL (malicious code) query is inserted through the inputs of a client interface allowing you to read and modify information. This article details the process of systematic review of literature on primary studies that raise proposals and solution about SQL injection. Barbara Kitchenham proposed protocol was followed and a total of 9 studies of various journals and conferences was reviewed. Research on SQL injections is still an open issue, it has been obtained proposals for the prevention and detection of it. One is Hibrid Modeling Framework that addresses SQL injection vulnerabilities in the design phase. Exposed solutions are many and diverse, focused on prevention and detection of SQL injection vulnerabilities.  La inyección SQL es una vulnerabilidad de seguridad que afecta a las aplicaciones web. Esto ocurre cuando se inserta una consulta SQL (código malicioso), por medio de las entradas de una interfaz de cliente permitiendo leer y modificar la información. El presente artículo detalla el proceso de la revisión sistemática de literatura sobre estudios primarios que plantean propuestas y solución acerca de inyección SQL. Se siguió el protocolo propuesto por Bárbara Kitchenham y se revisó un total de 9 estudios de varias revistas y conferencias. Las investigaciones sobre inyecciones SQL es todavía un tema abierto, se ha obtenido propuestas para la prevención y detección de la misma. Una de ellas es Hibrid Modeling Framework que hace frente a las vulnerabilidades de inyección SQL en la fase de diseño. Las soluciones expuestas son muchas y diversas, enfocadas en la prevención y detección de vulnerabilidades de inyección SQL. &nbsp

The approaches to quantify web application security scanners quality: A review

The web application security scanner is a computer program that assessed web application security with penetration testing technique. The benefit of automated web application penetration testing is huge, which web application security scanner not only reduced the time, cost, and resource required for web application penetration testing but also eliminate test engineer reliance on human knowledge. Nevertheless, web application security scanners are possessing weaknesses of low test coverage, and the scanners are generating inaccurate test results. Consequently, experimentations are frequently held to quantitatively quantify web application security scanner's quality to investigate the web application security scanner's strengths and limitations. However, there is a discovery that neither a standard methodology nor criterion is available for quantifying the web application security scanner's quality. Hence, in this paper systematic review is conducted and analysed the methodology and criterion used for quantifying web application security scanners' quality. In this survey, the experiment methodologies and criterions that had been used to quantify web application security scanner's quality is classified and review using the preferred reporting items for systematic reviews and meta-analyses (PRISMA) protocol. The objectives are to provide practitioners with the understanding of methodologies and criterions that available for measuring web application security scanners' test coverage, attack coverage, and vulnerability detection rate, while provides the critical hint for development of the next testing framework, model, methodology, or criterions, to measure web application security scanner quality

An automated black box approach for web vulnerability identification and attack scenario generation

International audienceWeb applications have become increasingly vulnerable and exposed to malicious attacks that could affect essential properties of information systems such as confidentiality, integrity, or availability. To cope with these threats, it is necessary to develop efficient security protection mechanisms and assessment techniques (firewall, intrusion detection system, Web scanner, etc.). This paper presents a new methodology, based on Web page clustering techniques, that is aimed at identifying the vulnerabilities of a Web application following a black box analysis of the target application. Each identified vulnerability is actually exploited to ensure that it does not correspond to a false positive. The proposed approach can also highlight different potential attack scenarios including the exploitation of several successive vulnerabilities, taking into account explicitly the dependencies between these vulnerabilities. We have focused in particular on code injection vulnerabilities, such as SQL injections. The proposed methodology led to the development of a new Web vulnerability scanner that has been validated experimentally on several examples of vulnerable applications

Web applications testing techniques: a systematic mapping study

Due to the importance of Web application testing techniques for detecting faults and assessing quality attributes, many research papers were published in this field. For this reason, it became essential to analyse, classify and summarize the research in the field. The main goal of this research is to provide a classification or categorization of Web applications testing techniques or approaches to help researchers and practitioners to understand the current state-of-the-art in this field and find it easier to focus their research on the areas that had received less attention. To achieve this goal, this research conducted a systematic mapping study on 98 research papers in the field of Web applications testing published between 2008 and 2021. This mapping study resulted in a classification schema that categorizes the papers in this field into: model-based testing category, security testing category, and other types of testing categories. In model-based testing of Web applications, research papers were classified according to the model used for test data generation, while the research papers in the field of Web applications security testing were classified according to the targeted vulnerability. The results showed that the most commonly used Web applications testing techniques in literature are model-based testing and security testing. Besides, the most commonly used models in model-based testing are finite-state machines. The most targeted vulnerability in security testing is SQL injection. Test automation is the most targeted testing goal in both model-based and security testing. For other Web applications testing techniques, the main goals of testing were test automation, test coverage, and assessing security quality attributes