Abstract
The use of Internet services and web applications has grown rapidly because of user demand. At the same time, web application vulnerabilities have increased as a result of mistakes during development, where some developers gave security a lower priority than aspects such as application usability. SQL (Structured Query Language) injection is a common vulnerability in web applications; it has been classified as the most dangerous type of vulnerability according to OWASP (Open Web Application Security Project) statistics (OWASP, 2010). An SQL injection vulnerability allows an attacker or unauthorised user to gain access to the web application's database and therefore damage the data or change the information held in the database. This paper discusses a framework for the detection and prevention of common types of SQL injection attacks. The framework consists of three main components: the first component checks the user input against existing attacks, the second component checks for new types of attacks, and the last component blocks unexpected responses from the database engine. Additionally, the framework keeps track of an ongoing attack by recording and investigating user behaviour. The framework is based on the Anatempura tool, a runtime verification tool for Interval Temporal Logic properties. Existing attacks and good/bad user behaviours can be specified using Interval Temporal Logic. Moreover, this paper discusses a case study in which various types of user behaviour are specified in Interval Temporal Logic and shows how these can be detected.
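As an added illustration, not the paper's Anatempura implementation, the sketch below models the three components and the behaviour tracking described above in Python; the attack signatures, the anomaly heuristic, the request window and the flag threshold are all assumptions, and the windowed count stands in for the Interval Temporal Logic formulas the paper uses to specify bad behaviour.

```python
"""Toy three-stage SQL injection guard with per-user behaviour tracking.
Constructed example: signatures, heuristics and thresholds are illustrative."""
import re
from collections import defaultdict

# Component 1: signatures of attack patterns already known (constructed list).
KNOWN_ATTACKS = [
    re.compile(r"'\s*or\s*'?\d*'?\s*=\s*'?\d*", re.I),       # quoted tautology
    re.compile(r"(--|/\*)"),                                 # comment truncation
    re.compile(r";\s*(drop|delete|update|insert)\b", re.I),  # stacked statement
]
# Component 2: tokens that should not appear in ordinary form input.
SQL_KEYWORDS = re.compile(r"\b(select|union|sleep|benchmark)\b", re.I)


def stage1_known(value):
    """Component 1: does the input match a known attack signature?"""
    return any(p.search(value) for p in KNOWN_ATTACKS)


def stage2_anomaly(value, declared_type):
    """Component 2: flag input that is structurally wrong for its declared type,
    catching variants that are not in the signature list (heuristic, may
    produce false positives on unusual but legitimate text)."""
    if declared_type == "int":
        return not re.fullmatch(r"\s*-?\d+\s*", value)
    return value.count("'") % 2 == 1 or bool(SQL_KEYWORDS.search(value))


def stage3_response(rows, expected_max_rows):
    """Component 3: accept a database response only if its shape matches what
    the application expects (e.g. a login lookup returns at most one row)."""
    return len(rows) <= expected_max_rows


class BehaviourTracker:
    """Counts flagged inputs per user over the last `window` requests; reaching
    `threshold` is treated as an ongoing attack (windowed-count simplification)."""
    def __init__(self, window, threshold):
        self.window, self.threshold = window, threshold
        self.history = defaultdict(list)  # user -> list of flagged? booleans

    def record(self, user, flagged):
        h = self.history[user]
        h.append(flagged)
        del h[:-self.window]              # keep only the current interval
        return sum(h) >= self.threshold


def guard(user, value, declared_type, tracker):
    """Run components 1 and 2 on one input, then consult the behaviour tracker.
    Returns ('block' | 'allow', reason)."""
    if stage1_known(value):
        verdict = ("block", "known-attack")
    elif stage2_anomaly(value, declared_type):
        verdict = ("block", "anomalous-input")
    else:
        verdict = ("allow", "ok")
    if tracker.record(user, verdict[0] == "block"):
        verdict = ("block", "ongoing-attack")
    return verdict
```

Component 3 is applied separately to the result set after the query runs, so a query that passes the input checks but returns more rows than the application expects is still blocked.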