Proceedings of the 2nd International Conference on Electronics, Network and Computer Engineering (ICENCE 2016)

Research on penetration test of the SQL injection based on the formalization model

Authors
Ping Chen
Corresponding Author
Ping Chen
Available Online September 2016.
DOI
https://doi.org/10.2991/icence-16.2016.126How to use a DOI?
Keywords
SQL injection; penetration test; vulnerability; test case
Abstract

To solve the problem of generating adequate test cases to reduce omissive report of the SQL injection vulnerability in penetration testing, this paper proposes a model-driven penetration test case generation method, which can describe the regularity of current SQL injection attacks. The experiment shows that the test cases generated by the proposed method can more effectively find the SQL injection vulnerability hidden behind the inadequate defense mechanism, and can reduce the omissive report of SQL injection.

Copyright
© 2016, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Download article (PDF)

Volume Title
Proceedings of the 2nd International Conference on Electronics, Network and Computer Engineering (ICENCE 2016)
Series
Advances in Computer Science Research
Publication Date
September 2016
ISBN
978-94-6252-229-9
ISSN
2352-538X
DOI
https://doi.org/10.2991/icence-16.2016.126How to use a DOI?
Copyright
© 2016, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Cite this article

TY  - CONF
AU  - Ping Chen
PY  - 2016/09
DA  - 2016/09
TI  - Research on penetration test of the SQL injection based on the formalization model
BT  - Proceedings of the 2nd International Conference on Electronics, Network and Computer Engineering (ICENCE 2016)
PB  - Atlantis Press
SP  - 670
EP  - 673
SN  - 2352-538X
UR  - https://doi.org/10.2991/icence-16.2016.126
DO  - https://doi.org/10.2991/icence-16.2016.126
ID  - Chen2016/09
ER  -