
Enhanced Pushdown Automaton based Static Analysis for Detection of SQL Injection Hotspots in Web Application

Affiliations

  • Faculty of Computer Science and Information Technology, Universiti Putra Malaysia, Serdang, Selangor, Malaysia

Abstract


SQL Injection Hotspots (SQLiHs) are Application's Entry Points (AEPs) through which SQL injection is possible, subject to the application's internal sanitization or validation capabilities. Since not all AEPs are SQLiHs, one serious challenge when testing very large web applications for SQL Injection Vulnerabilities (SQLIVs) is how to reliably decide which AEPs to consider for the test and which are unnecessary. In this paper, we propose a new Pushdown Automaton (PDA) based static analysis technique for detecting SQLiHs in web applications. The goal is to produce concrete information that can reliably and confidently guide both human testers/developers and SQLIV detection tools/techniques as to which parts of the source code to concentrate their efforts on during detection and fixing of SQL injection flaws in an application. The proposed technique is an integral part of ongoing research on an automated method for detection and removal of SQLIVs in web applications. Experimental evaluation of the method is in progress. However, preliminary results show that the proposed technique is both feasible and effective.

Keywords

Context Free Grammar, Data Flow Path, Sensitive Sink, Vulnerabilities.





Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.