We found a match
Your institution may have access to this item. Find your institution then sign in to continue.
- Title
ONTOLOGY FOR BLIND SQL INJECTION.
- Authors
DORA, Jean Rosemond; HLUCHÝ, Ladislav; Nemoga, Karol
- Abstract
In cyberspace, there exists a prevalent problem that heavily occurs to web application databases and that is the exploitation of websites by using SQL injection attacks. This kind of attack becomes more difficult when it comes to blind SQL vulnerabilities. In this paper, we will first make use of this vulnerability, and subsequently, we will build an ontology (OBSQL) to address the detection of the blind SQL weakness. Therefore, to achieve the exploitation, we reproduce the attacks against a website in production mode. We primarily detect the presence of the vulnerability, after we use our tools to abuse it. Last but not least, we prove the importance of applying ontology in cybersecurity for this matter. The mitigation techniques in our ontology will be addressed in our future work.
- Subjects
SQL; ONTOLOGY; WEB-based user interfaces; WEB databases; WEBSITE security; INFORMATION technology security
- Publication
Computing & Informatics, 2023, Vol 42, Issue 2, p480
- ISSN
1335-9150
- Publication type
Article
- DOI
10.31577/cai_2023_2_480