A Proposed Framework Against Code Injection Vulnerabilities in Online Applications

A Proposed Framework Against Code Injection Vulnerabilities in Online Applications

Security vulnerabilities are frequently detected and exploited in modern web applications. Intruders obtain unrestricted access to the information stored at the backend database server of a web application by exploiting security vulnerabilities. Code injection attacks top the list due to lack of effective strategies for detecting and blocking injection attacks. The proposed Token based Detection and Neural Network based Reconstruction (TbD-NNbR) framework is a unique approach to detect and block code injections with negligible processing overheads. This framework makes use of an efficient token mapping and validation technique to match the statically generated legal query tokens against the parsed dynamic query tokens at run time. The proposed approach also has the provision to reconstruct queries from authenticated users. The prototype implementation of TbD-NNbR shows that it does not demand any source code modifications and incurs only a negligible computational overhead without any incidents of false positives or false negatives.