International Journal of Soft Computing

Year: 2016
Volume: 11
Issue: 2
Page No. 103 - 106

Test Input Generation for Detecting SQL Injection Vulnerability in Web Application

Authors: Nor Fatimah Awang, Azizah Abd Manaf and Siti Fatimah Abidin

References

Akrout, R., E. Alata, M. Kaaniche and V. Nicomette, 2014. An automated black box approach for web vulnerability identification and attack scenario generation. J. Braz. Comput. Soc., Vol. 20. 10.1186/1678-4804-20-4

Alata, E., M. Kaaniche, V. Nicomette and R. Akrout, 2013. An automated approach to generate web applications attack scenarios. Proceedings of the 6th Latin-American Symposium on Dependable Computing, April 1-5, 2013, Rio de Janeiro, pp: 78-85.

Awang, N.F., A.A. Manaf and W.S. Zainudin, 2014. A survey on conducting vulnerability assessment in web-based application. Commun. Comput. Inf. Sci., 488: 459-471.

Bisht, P., P. Madhusudan and V.N. Venkatakrishnan, 2010. Candid: Dynamic candidate evaluations for automatic prevention of SQL injection attacks. ACM Trans. Inf. Syst. Security, 5: 1-39.

Bozic, J. and F. Wotawa, 2014. Security testing based on attack patterns. Proceedings of the IEEE 7th International Conference on Software Testing, Verification and Validation Workshops, March 31-April 4, 2014, Cleveland, OH., pp: 4-11.

Chen, J.M. and C.L. Wu, 2010. An automated vulnerability scanner for injection attack based on injection point. Proceedings of the International Computer Symposium, December 16-18, 2010, Tainan, pp: 113-118.

Djuric, Z., 2013. A black-box testing tool for detecting SQL injection vulnerabilities. Proceedings of the 2013 2nd International Conference on Informatics and Applications, September 23-25, 2013, Lodz, pp: 216-221.

Ezumalai, R. and G. Aghila, 2009. Combinatorial approach for preventing SQL injection attacks. Proceedings of the International Advance Computing Conference, March 6-7, 2009, Patiala, India, pp: 1212-1217.

Halfond, W.G., J. Viegas and A. Orso, 2006. A classification of SQL-injection attacks and countermeasures. Proceedings of the IEEE International Symposium on Secure Software Engineering, March 13-15, 2006, Washington, DC., USA -.

He, K., Z. Feng and X. Li, 2008. An attack scenario based approach for software security testing at design stage. Proceedings of the International Symposium on Computer Science and Computational Technology, December 20-22, 2008, Shanghai, pp: 782-787.

Kindy, D.A. and A.S.K. Pathan, 2013. A detailed survey on various aspects of SQL injection in web applications: Vulnerabilities, innovative attacks and remedies. Int. J. Commun. Networks Inf. Secur., 5: 80-92.

Lei, L., X. Jing, L. Minglei and Y. Jufeng, 2013. A dynamic SQL injection vulnerability test case generation model based on the multiple phases detection approach. Proceedings of the 2013 IEEE 37th Annual Computer Software and Applications Conference, July 22-26, 2013, Kyoto, pp: 256-261.

Stuttard, D. and M. Pinto, 2007. The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws. Wiley Publishing, New York, USA.

Wassermann, G., D. Yu, A. Chander, D. Dhurjati, H. Inamura and Z. Su, 2008. Dynamic test input generation for web applications. Proceedings of the 2008 International Symposium on Software Testing and Analysis, July 20-24, 2008, Seattle, WA., USA., pp: 249-259.

Wodarz, P.N., 2008. Algorithms for generating permutations and combinations. http://www4.uwsp.edu/math/nwodarz/Math209Files/209-0809F-L10-Section06_03-AlgorithmsForGeneratingPermutationsAndCombinations-Notes.pdf.
