Title:
An Automatic Mechanism for Adjusting Validation Function
Author:
Lin, Jin-Cherng; Chen, Jan-Min; Liu, Cheng-Hsiung
Author_Institution:
Tatung Univ., Taipei
Abstract:
Injection attack is a technique to bypass or modify the originally intended functionality of a program. Many application security vulnerabilities result from generic injection problems; examples of such vulnerabilities are SQL injection, shell injection and script injection (cross-site scripting). Proper input validation is an effective countermeasure against input attacks. However, it is challenging because there is no single answer to what constitutes valid input across applications. As individual fields often require specific validation, input validation that adopts only one filter rule may induce false negatives or false positives. We develop a defense system consisting of an event-driven security testing framework and an adjustable validation function on a security gateway. The security gateway is placed in front of the application server to eliminate malicious injection vulnerabilities. To verify the efficiency of the adjustable mechanism, we focus on whether the validation functions included in meta-programs have proper filter rules to sanitize input data. In our experiments, different fields may have different validation rules, each made up of several sub-rules. By means of these rules, we reduce the false rate and increase the detection rate. That is to say, we prove that the diversified validation rules produced by our automatic mechanism are more efficient and elastic than a single rule.
Keywords:
client-server systems; security of data; SQL injection; application server; automatic validation function adjustment; cross-site scripting; defense system; event-driven security testing; filter rule; injection attack; input attacks; input validation; meta-programs; program functionality; script injection; security gateway; security vulnerability; shell injection; Computer network management; Conference management; Data security; Encoding; Information filtering; Information filters; Information management; Risk management; System testing; Technology management; Bypass testing; Input validation; Malicious injection; Security gateway
Conference_Title:
Advanced Information Networking and Applications - Workshops, 2008. AINAW 2008. 22nd International Conference on
Conference_Location:
Okinawa
Print_ISBN:
978-0-7695-3096-3
DOI:
10.1109/WAINA.2008.89