Patents by Inventor Tomer Rotstein

Tomer Rotstein has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20190342332
    Abstract: Computer systems, devices, and associated methods of detecting and/or preventing injection attacks in databases are disclosed herein. In one embodiment, a method includes determining whether parsing a database statement received from an application on the application server causes a syntax error in a database. In response to determining that parsing the received database statement does not cause a syntax error, determining whether an identical syntactic pattern already exists. In response to determining that an identical syntactic pattern already exists in the database, the method includes indicating that the received database statement does not involve an injection attack.
    Type: Application
    Filed: July 19, 2019
    Publication date: November 7, 2019
    Inventors: Yosef Dinerstein, Oren Yossef, Tomer Weisberg, Assaf Akrabi, Tomer Rotstein
  • Patent number: 10404744
    Abstract: Computer systems, devices, and associated methods of detecting and/or preventing injection attacks in databases are disclosed herein. In one embodiment, a method includes determining whether parsing a database statement received from an application on the application server causes a syntax error in a database. In response to determining that parsing the received database statement does not cause a syntax error, determining whether an identical syntactic pattern already exists. In response to determining that an identical syntactic pattern already exists in the database, the method includes indicating that the received database statement does not involve an injection attack.
    Type: Grant
    Filed: September 20, 2016
    Date of Patent: September 3, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Yosef Dinerstein, Oren Yossef, Tomer Weisberg, Assaf Akrabi, Tomer Rotstein
  • Publication number: 20180300370
    Abstract: Query processors often receive queries to be processed against a data set, such as by inserting user input into parameterized fields of a query template. Some queries may include a conditional statement, and manipulation of user input (e.g., injection attacks) may introduce a delay through a conditional branch. The time required to fulfill the query may indicate which conditional branch was taken, thus revealing properties of the data set that are intended to be withheld. Instead, a query processor may examine the query to identify, between a pair of conditional branches, a processing delay of the first conditional branch as compared with the second conditional branch. The query processor may identify a query adaptation that reduces the processing delay of the first conditional branch as compared with the second conditional branch, and evaluate the query against the data set according to the query adaptation to present a query result.
    Type: Application
    Filed: April 18, 2017
    Publication date: October 18, 2018
    Inventors: David Edward Brookler, Tomer Weisberg, Oren Yossef, Tomer Rotstein
  • Publication number: 20180293238
    Abstract: Query processors often receive queries to be processed against a data set, such as by inserting user input into parameterized fields of a query template. Some queries may be manipulated by user input (e.g., injection attacks) to introduce intentional errors in the query, where the error message reveals a protected detail about the data set, such as the existence or number of records or tables, the data set schema, and/or the configuration of the query processor. Instead, when the processing of a query results in an error message that contains a protected detail about the data set (including the query processor), the error message may be redacted to redact the protected detail before providing a redacted error message that avoids revealing information that might otherwise be usable to exploit the contents of the data set and/or the integrity of the data processor.
    Type: Application
    Filed: April 7, 2017
    Publication date: October 11, 2018
    Inventors: David Edward Brookler, Tomer Weisberg, Oren Yossef, Tomer Rotstein
  • Publication number: 20180084007
    Abstract: Computer systems, devices, and associated methods of detecting and/or preventing injection attacks in databases are disclosed herein. In one embodiment, a method includes determining whether parsing a database statement received from an application on the application server causes a syntax error in a database. In response to determining that parsing the received database statement does not cause a syntax error, determining whether an identical syntactic pattern already exists. In response to determining that an identical syntactic pattern already exists in the database, the method includes indicating that the received database statement does not involve an injection attack.
    Type: Application
    Filed: September 20, 2016
    Publication date: March 22, 2018
    Inventors: Yosef Dinerstein, Oren Yossef, Tomer Weisberg, Assaf Akrabi, Tomer Rotstein