Search-Based SQL Injection Attacks Testing using Genetic Programming

Created by W.Langdon from gp-bibliography.bib Revision:1.3872

@InProceedings{Aziz:2016:EuroGP,
  author =       "Benjamin Aziz and Mohamed Bader and Cerana Hippolyte",
  title =        "Search-Based SQL Injection Attacks Testing using
                 Genetic Programming",
  booktitle =    "EuroGP 2016: Proceedings of the 19th European
                 Conference on Genetic Programming",
  year =         "2016",
  month =        "30 " # mar # "--1 " # apr,
  editor =       "Malcolm I. Heywood and James McDermott and 
                 Mauro Castelli and Ernesto Costa and Kevin Sim",
  series =       "LNCS",
  volume =       "9594",
  publisher =    "Springer Verlag",
  address =      "Porto, Portugal",
  pages =        "183--198",
  organisation = "EvoStar",
  keywords =     "genetic algorithms, genetic programming, Search-Based
                 Testing, SQL Injections",
  isbn13 =       "978-3-319-30668-1",
  DOI =          "doi:10.1007/978-3-319-30668-1_12",
  abstract =     "Software testing is a key phase of many development
                 methodologies as it provides a natural opportunity for
                 integrating security early in the software development
                 lifecycle. However despite the known importance of
                 software testing, this phase is often overlooked as it
                 is quite difficult and labour-intensive to obtain test
                 datasets to effectively test an application. This lack
                 of adequate automatic software testing renders software
                 applications vulnerable to malicious attacks after they
                 are deployed as detected software vulnerabilities start
                 having an impact during the production phase. Among
                 such attacks are SQL injection attacks. Exploitation of
                 SQL injection vulnerabilities by malicious programs
                 could result in severe consequences such as breaches of
                 confidentiality and false authentication. We present in
                 this paper a search-based software testing technique to
                 detect SQL injection vulnerabilities in software
                 applications. This approach uses genetic programming as
                 a means of generating our test datasets, which are then
                 used to test applications for SQL injection-based
                 vulnerabilities.",
  notes =        "Part of \cite{Heywood:2016:GP} EuroGP'2016 held in
                 conjunction with EvoCOP2016, EvoMusArt2016 and
                 EvoApplications2016",
}

Genetic Programming entries for Benjamin Aziz Mohamed Bahy Bader-El-Den Cerana Hippolyte

Citations