DISCUSSION of valid unit tests against the

DISCUSSION ON DIFFERENT TECHNIQUES USED FOR DETECTION OF SQLIA In previous section we have discuss some tools and techniques which are available for detection of SQL injection. In this section we are going to concentrate on seven different techniques in detail. The techniques which we are going to consider are 1. Mutation based testing, 2 Regular expression, 3 Query tokenization, 4 Multilayer defence mechanism, 5 Syntactic and Semantic Analysis Automated Testing against SQL Injection. 6 Securing Web Applications with Service Based SQL Injection Detection Mutation 4 is the act of deliberately altering a program’s code, then re-running a suite of valid unit tests against the mutated program. Mutation testing is a method of software testing, which involves modifying programs’ source code or byte code in small ways Mutation testing is done by selecting a set of mutation operators and then applying them to the source program one at a time for each applicable piece of the source code. The result of applying one mutation operator to the program is called a mutant. Mutants for SQL injection are Remove WHERE keywords and conditions , Negate each of the unit expression inside where conditions , Add parentheses in where conditions and prepend “FALSE AND” after the WHERE keyword ,Unbalance parentheses of where condition expressions , Set multiple query execution flags to true , Override commit and rollback options , Set the maximum number of record returned by a result set to infinite , Set query execution delay to infinite and Override the escape character processing flags. In mutation base testing author has suggested to do the checking for SQL injection before uploading the web service on the server. Advantage of this technique is it identifies the vulnerabilities in advance that is it’s like a precautionary measure for SQL injection. In regular expression 5 method author applies Reggae on various input-validation programs that use complex regular expressions. Empirical results show that Reggae helps a testgeneration tool generate test inputs to achieve 79% branch coverage of validations, improved from 29% achieved without the help of Reggae. Author has implement Reggae based on a DSE engine for testing .NET programs, including C# programs. Since RegEx-matching operations are relatively more complex than other string operations and have been commonly used in various programs, this paper focuses on how to improve a DSE engine to generate high-covering test inputs for a program using RegExmatching operations (i.e., IsMatch(s1,regex1), which determines whether the input string s1 matches the RegEx specified in the pattern parameter regex1).If an input string s1 matches regex1, IsMatch returns true. Otherwise, IsMatch returns false. The advantage of this technique is, as it is not a signature based or anomaly detection, in which main problem is it can’t identify new type of attack. All most all kinds of attacks can be caught by using this technique. Second advantage is easy to implement. In tokenization 6 technique author has proposed a method to detect SQL injection attacks by using Query tokenization that is implemented by the QueryParser method. When attacker is making SQL injection he should probably use a space, single quotes or double dashes in his input. This method consists of tokenizing original query and a query with injection separately, the tokenization is performed by detecting a space, single quote or double dashes and all strings before each symbol constitute a token. After tokens are formed they all make an array for which every token is an element of the array. Two arrays resulting from both original query and a query with injection are obtained and their lengths are compared to detect whether there is injection or not. As a result, the access to data can be granted or denied once the lengths of the arrays are the same or different respectively. In query select * from table where condition we will have the following tokens. Token l: Select*from, Token 2: table, Token 3: where, Token 4: attribute=, Token 5: UserInput so the corresponding array will be as follows: