Exposing SQL Injection Vulnerability through Penetration Test based on Finite State Machine

• Published in: 2016 2nd IEEE International Conference on Computer and Communications (ICCC) pp. 1171 - 1175
• Main Authors: Lei Liu, Jing Xu, Chenkai Guo, Jiehui Kang, Sihan Xu, Biao Zhang
• Format: Conference Proceeding
• Language: English
• Published: IEEE 01.10.2016
• Subjects: finite state machine; FSM; software testing; SQL injection; Switching circuits; Testing; Uniform resource locators; web application security
• DOI: 10.1109/CompComm.2016.7924889

Penetration test is one of the most used SQL Injection Vulnerability (SQLIV) testing technology. Focused on the insufficiency of test accuracy problem in SQLIV black-box penetration test process, we discuss the limitation of the traditional approaches based on test case library enumerating methods and propose a SQLIV Penetration Test approach based on Finite State Machine (SPT-FSM). The proposed approach establishes FSM based on the states corresponding to different SQLIV penetration test cases, map the statuses of test cases and their relevant responses, and analyzes the transition regularity of the established FSM for the testing of SQLIV with dynamic nature and states transition characteristics. We conduct experiments about the proposed approach and compare it with a popular state-of-the-art benchmarking tool. The experimental results show that the proposed approach can effectively improve the accuracy of SQLIV penetration test by reducing False Negatives (FN) and False Positives (FP).