A study on SQL injection vulnerability discovery and localization techniques based on fuzz testing
As Java has become one of the most popular programming languages, it plays a critical role in web application development in sectors such as finance, government, and business. However, the widespread use of Java web applications has also made them a major target for cyber attacks, leading to frequent security vulnerabilities, especially SQL injection flaws. Existing detection methods for SQL injection vulnerabilities, such as vulnerability scanning, machine learning, and fuzz testing, face challenges in test case generation: they either depend on fixed test cases, incur high training costs for machine learning models, or (in traditional fuzz testing) lack targeted mutation, which reduces their effectiveness in detecting SQL injection vulnerabilities. To address these issues, this paper introduces a fuzz testing-based method for identifying and locating SQL injection vulnerabilities. The method integrates the genetic algorithm operators (selection, crossover, and mutation) with mutation strategies designed to bypass security measures and a scoring mechanism for scheduling those mutation strategies. This allows a small initial sample set to converge rapidly to high-quality cases that effectively bypass code filtering, improving both the diversity and the targeting of test cases for vulnerability mining. Additionally, the method uses bytecode instrumentation to dynamically capture the application's runtime state and network data, enabling accurate vulnerability detection and localization. The effectiveness of the method is further demonstrated by the development and testing of the GAFuzz tool, which is compared with existing vulnerability mining tools and a standard genetic algorithm. The results show that GAFuzz excels at generating effective attack cases, mining vulnerabilities, and providing detailed vulnerability information.
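Added example, not the paper's code or GAFuzz: a Python sketch of the detection and localization side only, where `SqlMonitor` stands in for the bytecode-instrumented database hook that captures the executed query together with the request parameter and the issuing frame. The structure-comparison check (does the untrusted value change the query's token skeleton?) and the names `SqlMonitor`, `find_user` and `run_cases` are assumptions of this example, not the paper's method.

```python
import re
import traceback

# Tokenizer: string literals (with '' escapes), numbers, comments, words, punctuation.
_TOKEN_RE = re.compile(r"'(?:[^']|'')*'|\d+|--[^\n]*|/\*.*?\*/|\w+|[^\s\w]", re.S)

def sql_skeleton(sql):
    """Collapse literals and comments so only the query's structure remains."""
    skel = []
    for tok in _TOKEN_RE.findall(sql):
        if tok.startswith("'"):
            skel.append("<str>")
        elif tok.isdigit():
            skel.append("<num>")
        elif tok.startswith(("--", "/*")):
            skel.append("<comment>")
        else:
            skel.append(tok.upper())
    return skel

def input_alters_structure(sql, param_value):
    """True when the captured request value changed the executed query's structure."""
    if not param_value or param_value not in sql:
        return False  # the input never reached this query
    neutral = "0" if param_value.isdigit() else "x"  # same literal class, benign value
    # Note: plain substring replacement; a taint-tracking hook would be more precise.
    return sql_skeleton(sql) != sql_skeleton(sql.replace(param_value, neutral))

class SqlMonitor:
    """Stand-in for the instrumented JDBC call: records query, input and call site."""
    def __init__(self):
        self.findings = []

    def observe(self, sql, param_value):
        if input_alters_structure(sql, param_value):
            caller = traceback.extract_stack(limit=2)[0]  # frame that issued the query
            self.findings.append({"site": caller.name, "sql": sql, "input": param_value})

def find_user(monitor, username):
    # Constructed vulnerable call site: request input concatenated into SQL.
    sql = "SELECT id FROM users WHERE name = '" + username + "'"
    monitor.observe(sql, username)
    return sql

def run_cases(cases):
    """Replay constructed request values through the vulnerable site; return findings."""
    monitor = SqlMonitor()
    for value in cases:
        find_user(monitor, value)
    return monitor.findings
```

Properly escaped apostrophes (`O''Brien`) and numeric values keep the same skeleton and are not reported, while a value that adds a clause or a comment is reported with the function that built the query.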
Keywords: Fuzz testing; SQL injection; Test case generation; Genetic algorithm; Vulnerability localization