2022 5th International Conference on Advanced Systems and Emergent Technologies (IC_ASET) 2022
DOI: 10.1109/ic_aset53395.2022.9765948

A Novel Approach Exploiting Machine Learning to Detect SQLi Attacks

Abstract: The increasing use of Information Technology applications in the distributed environment is increasing security exploits. Information about vulnerabilities is also available on the open web in an unstructured format that developers can take advantage of to fix vulnerabilities in their IT applications. SQL injection (SQLi) attacks are frequently launched with the objective of exfiltration of data typically through targeting the back-end server organisations to compromise their customer databases. There have bee…

Cited by 8 publications (5 citation statements)
References 16 publications

“…In the SVM and RF algorithms, vectorization using TF-IDF was used to detect anomalous patterns and handle high query loads, taking advantage of the versatility of the vectorizer. However, in the third algorithm, the vectorizer CountVectorizer was used, a choice that differs from the approaches presented in previous studies [22]. CountVectorizer generates a term count matrix, where each row stores a term uniquely extracted from the dataset, which facilitates the effective identification of SQL injections.…”
Section: Discussion (mentioning)
confidence: 99%
“…Table 2 provides further details on the criteria implemented by various authors.
[17] 0.9904 0.9898 0.9903 0.991
Artificial Neural Network (ANN) [13,18] 0.9893 0.9870 0.9913 0.99
AdaBoost (AB) [17,21] 0.9808 0.9559 0.9592 0.9561
Decision Tree (DT) [16,18,22,23] 0.9668 0.9315 0.88955 0.9164
Random Forest (RF) [18,22,23] 0.9634 0.9247 0.8947 0.9149
Support Vector Machine (SVM) [18,22,23] 0.9546 0.9706 0.9085 0.9395
Logistic Regression (LR) [4] 0.9503 0.9737 0.9089 0.9653
Naive Bayes (NB) [18,24] 0.9074 0.8966 0.7985 0.9010
KNN (K-Nearest Neighbors) [21] 0.8920 0.9143 0.8931 0.8853
Furthermore, the choice of these algorithms is justified for the following reasons. The decision tree (DT) algorithm is simple to interpret and allows for the identification of characteristics relevant to the detection of SQL injections.…”
Section: Algorithm Selection (mentioning)
confidence: 99%
“…SQL is a programming language for database access. It can be exploited to introduce malicious code into a website and transfer it to a database to execute different commands [8,9]. Once a malicious actor has performed a SQLi scenario to run an illegal command, an attack has already happened [10,11].…”
Section: A Sql Injection (mentioning)
confidence: 99%
“…It can be exploited to introduce malicious code into a website and transfer it to a database to execute different commands [8,9]. Once a malicious actor has performed a SQLi scenario to run an illegal command, an attack has already happened [10,11]. The attacker can thus proceed to further exploit vulnerabilities and take over a victim's database.…”
Section: A Sql Injection (mentioning)
confidence: 99%
“…1 Libinjection is an open-source C library that detects injection attacks using lexical analysis [13] Chart 1…”
unclassified