Visible to the public Biblio

Filters: Author is Jamaludin, Nor Azliana Akmal  [Clear All Filters]
2020-02-10
Awang, Nor Fatimah, Jarno, Ahmad Dahari, Marzuki, Syahaneim, Jamaludin, Nor Azliana Akmal, Majid, Khairani Abd, Tajuddin, Taniza.  2019.  Method For Generating Test Data For Detecting SQL Injection Vulnerability in Web Application. 2019 7th International Conference on Cyber and IT Service Management (CITSM). 7:1–5.
SQL injection is among the most dangerous vulnerabilities in web applications that allow attackers to bypass the authentication and access the application database. Security testing is one of the techniques required to detect the existence of SQL injection vulnerability in a web application. However, inadequate test data during testing can affect the effectiveness of security testing. Therefore, in this paper, the new algorithm is designed and developed by applying the Cartesian Product technique in order to generate a set of invalid test data automatically. A total of 624 invalid test data were generated in order to increase the detection rate of SQL injection vulnerability. Finally, the ideas obtained from our method is able to detect the vulnerability of SQL injection in web application.