A Proposed Framework Against Code Injection Vulnerabilities in Online Applications

Teresa K. George,
K. Poulose Jacob,
Rekha K. James,

Abstract


Security vulnerabilities are frequently detected and exploited in modern web applications. Intruders obtain unrestricted access to the information stored at the back-end database server of a web application by exploiting security vulnerabilities. Code injection attacks top the list due to lack of effective strategies for detecting and blocking injection attacks. The proposed Token based Detection and Neural Network based Reconstruction (TbD-NNbR) framework is a unique approach to detect and block code injections with negligible processing overheads. This framework makes use of an efficient token mapping and validation technique to match the statically generated legal query tokens against the parsed dynamic query tokens at run time. The proposed approach also has the provision to reconstruct queries from authenticated users. The prototype implementation of TbD-NNbR shows that it does not demand any source code modifications and incurs only a negligible computational overhead without any incidents of false positives or false negatives.


Citation Format:
Teresa K. George, K. Poulose Jacob, Rekha K. James, "A Proposed Framework Against Code Injection Vulnerabilities in Online Applications," Journal of Internet Technology, vol. 20, no. 1 , pp. 83-96, Jan. 2019.

Full Text:

PDF

Refbacks

  • There are currently no refbacks.





Published by Executive Committee, Taiwan Academic Network, Ministry of Education, Taipei, Taiwan, R.O.C
JIT Editorial Office, Library and Information Center, National Dong Hwa University
No. 1, Sec. 2, Da Hsueh Rd. Shoufeng, Hualien 97401, Taiwan, R.O.C.
Tel: +886-3-931-7017  E-mail: jit.editorial@gmail.com