Detection Method of the Second-Order SQL Injection in Web Applications

SOFL+MSVL (2013)

Abstract
Web applications are seriously threatened by SQL injection attacks. Although many methods and tools have been proposed to detect or prevent SQL injection, there is a lack of effective methods for detecting second-order SQL injection, where user input is first stored in the back-end database. This paper proposes a detection solution for second-order SQL injection that combines static and dynamic methods. The solution first analyzes the source code to find the vulnerable data item pairs that are likely to carry a second-order SQL injection vulnerability, and then transforms each pair into an effective test sequence. The test sequence and malicious inputs are then combined for testing. Evaluation of this solution on four applications, together with practical use, shows its effectiveness in detecting second-order SQL injection.
Keywords
dynamic testing, second-order SQL injection, static analysis, web application
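The abstract's idea of a "data item pair" (a store point where input is written to the database and a later use point where the stored value is read back into a query) and its store-then-use test sequence, illustrated with a constructed toy application; this is an added example, not code from the paper, and the table names, the `probe_pair` helper and the quote-bearing probe value are assumptions of the example.

```python
import sqlite3

# Constructed toy application (not the paper's code): a registration page stores a
# user name, and a profile page later reads that name back and builds a query with it.
def setup_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.execute("CREATE TABLE notes (owner TEXT, body TEXT)")
    conn.execute("INSERT INTO notes VALUES ('alice', 'alice note')")
    return conn

def register(conn, name):
    # Store point: parameterized, so a first-order probe is harmless here and the
    # raw input lands in the database verbatim.
    cur = conn.execute("INSERT INTO users(name) VALUES (?)", (name,))
    return cur.lastrowid

def notes_vulnerable(conn, user_id):
    # Use point: the stored name is treated as trusted and concatenated into SQL,
    # which is exactly the second-order data item pair the static analysis looks for.
    (name,) = conn.execute("SELECT name FROM users WHERE id = ?", (user_id,)).fetchone()
    return conn.execute("SELECT body FROM notes WHERE owner = '" + name + "'").fetchall()

def notes_fixed(conn, user_id):
    # Same pair with the use point parameterized as well: the stored value can no
    # longer change the structure of the second query.
    (name,) = conn.execute("SELECT name FROM users WHERE id = ?", (user_id,)).fetchone()
    return conn.execute("SELECT body FROM notes WHERE owner = ?", (name,)).fetchall()

def probe_pair(conn, use_point, probe="O'Brien"):
    """Run the test sequence store -> use with a quote-bearing probe value.
    A database syntax error at the use point means the stored value reached the
    query text unescaped, i.e. the pair is second-order injectable."""
    uid = register(conn, probe)
    try:
        use_point(conn, uid)
    except sqlite3.OperationalError:
        return True
    return False

if __name__ == "__main__":
    conn = setup_db()
    print("vulnerable pair flagged:", probe_pair(conn, notes_vulnerable))  # True
    print("fixed pair flagged:", probe_pair(conn, notes_fixed))            # False
```

The probe is deliberately a legitimate-looking name containing a quote: the point is that a first-order test of the registration page alone would pass, and only running the full store-then-use sequence exposes the use point.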