SQL Injection Is Still Alive: A Study on SQL Injection Signature Evasion Techniques

Abstract

SQL injection is one of the biggest challenges for the web application security. Based on the studies by OWASP, SQL injection has the highest rank in the web based vulnerabilities. In case of a successful SQL injection attack, the attacker can have access to the web application database. With the rapid rise of SQL injection based attacks, researchers start to provide different security solutions to protect web application against them. One of the most common solutions is the using of web application firewalls. Usually these firewalls use signature based technique as the main core for the detection. In this technique the firewall checks each packet against a list of predefined SQL injection attacks known as signatures. The problem with this technique is that, an attacker with a good knowledge of SQL language can change the look of the SQL queries in a way that firewall cannot detect them but still they lead to the same malicious results. In this paper first we described the nature of SQL injection attack, then we analyzed current SQL injection detection evasion techniques and how they can bypass the detection filters, afterward we proposed a combination of solutions which helps to mitigate the risk of SQL injection attack.