Prevention of attack on Islamic websites by fixing SQL injection vulnerabilities using co-evolutionary search approach
In recent times, there is an alarming increase in web application attacks, with significant cases, specifically, targeting Islamic websites. Since 2004, SQL Injection Vulnerabilities (SQLIVs) remains the most serious software security loopholes via which web applications are exploited. Fixing SQLIVs...
| Main Authors: | , , , , |
|---|---|
| Format: | Conference or Workshop Item |
| Published: |
IEEE (IEEE Xplore)
2014
|
| Online Access: | http://psasir.upm.edu.my/id/eprint/38838/ |
| _version_ | 1848848983826366464 |
|---|---|
| author | Umar, Kabir Md. Sultan, Abu Bakar Zulzalil, Hazura Admodisastro, Novia Abdullah @ Selimun, Mohd Taufik |
| author_facet | Umar, Kabir Md. Sultan, Abu Bakar Zulzalil, Hazura Admodisastro, Novia Abdullah @ Selimun, Mohd Taufik |
| author_sort | Umar, Kabir |
| building | UPM Institutional Repository |
| collection | Online Access |
| description | In recent times, there is an alarming increase in web application attacks, with significant cases, specifically, targeting Islamic websites. Since 2004, SQL Injection Vulnerabilities (SQLIVs) remains the most serious software security loopholes via which web applications are exploited. Fixing SQLIVs prior to deployment would provide very effective means of protection against such exploits. Ideally, SQLIVs fixing includes four main phases: SQLIVs detection, fix generation, fix application, and fix effectiveness verification. Most existing research works address different phases separately. There is no single research that addresses the four phases in a seamless integrated automation. This paper presents instances of attack on Islamic websites, and then propose framework for seamless integrated and automated SQLIVs fixing for web application, as part of an ongoing research work. The framework employs Evolutionary Programming to establish competitive co-evolution of web applications and test sets, in which fitness of evolved web applications is evaluated based on their ability to defend test attacks and pass legitimate input tests. |
| first_indexed | 2025-11-15T09:43:10Z |
| format | Conference or Workshop Item |
| id | upm-38838 |
| institution | Universiti Putra Malaysia |
| institution_category | Local University |
| last_indexed | 2025-11-15T09:43:10Z |
| publishDate | 2014 |
| publisher | IEEE (IEEE Xplore) |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | upm-388382016-06-08T08:33:51Z http://psasir.upm.edu.my/id/eprint/38838/ Prevention of attack on Islamic websites by fixing SQL injection vulnerabilities using co-evolutionary search approach Umar, Kabir Md. Sultan, Abu Bakar Zulzalil, Hazura Admodisastro, Novia Abdullah @ Selimun, Mohd Taufik In recent times, there is an alarming increase in web application attacks, with significant cases, specifically, targeting Islamic websites. Since 2004, SQL Injection Vulnerabilities (SQLIVs) remains the most serious software security loopholes via which web applications are exploited. Fixing SQLIVs prior to deployment would provide very effective means of protection against such exploits. Ideally, SQLIVs fixing includes four main phases: SQLIVs detection, fix generation, fix application, and fix effectiveness verification. Most existing research works address different phases separately. There is no single research that addresses the four phases in a seamless integrated automation. This paper presents instances of attack on Islamic websites, and then propose framework for seamless integrated and automated SQLIVs fixing for web application, as part of an ongoing research work. The framework employs Evolutionary Programming to establish competitive co-evolution of web applications and test sets, in which fitness of evolved web applications is evaluated based on their ability to defend test attacks and pass legitimate input tests. IEEE (IEEE Xplore) 2014 Conference or Workshop Item NonPeerReviewed Umar, Kabir and Md. Sultan, Abu Bakar and Zulzalil, Hazura and Admodisastro, Novia and Abdullah @ Selimun, Mohd Taufik (2014) Prevention of attack on Islamic websites by fixing SQL injection vulnerabilities using co-evolutionary search approach. In: The 5th International Conference on Information and Communication Technology for The Muslims World (ICT4M) 2014, 17-19 Nov. 2014, Kuching, Sarawak, Malaysia. (pp. 1-6). 10.1109/ICT4M.2014.7020604 |
| spellingShingle | Umar, Kabir Md. Sultan, Abu Bakar Zulzalil, Hazura Admodisastro, Novia Abdullah @ Selimun, Mohd Taufik Prevention of attack on Islamic websites by fixing SQL injection vulnerabilities using co-evolutionary search approach |
| title | Prevention of attack on Islamic websites by fixing SQL injection vulnerabilities using co-evolutionary search approach |
| title_full | Prevention of attack on Islamic websites by fixing SQL injection vulnerabilities using co-evolutionary search approach |
| title_fullStr | Prevention of attack on Islamic websites by fixing SQL injection vulnerabilities using co-evolutionary search approach |
| title_full_unstemmed | Prevention of attack on Islamic websites by fixing SQL injection vulnerabilities using co-evolutionary search approach |
| title_short | Prevention of attack on Islamic websites by fixing SQL injection vulnerabilities using co-evolutionary search approach |
| title_sort | prevention of attack on islamic websites by fixing sql injection vulnerabilities using co-evolutionary search approach |
| url | http://psasir.upm.edu.my/id/eprint/38838/ http://psasir.upm.edu.my/id/eprint/38838/ |