An Improved Approach for SQL Injection Vulnerabilities Detection

Zhang, Zong Zhi; Wen, Qiao Yan; Zhang, Zhao

doi:10.4028/www.scientific.net/amm.263-266.3017

Cited by 1 publication

(3 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The papers [24][25][26][27][28][29][30][31][32] use pattern matching approaches to detect and prevent SQLi attacks. These operations are performed at the runtime, which makes these practices time-consuming and complex.…”

Section: Pattern Matching Approachesmentioning

confidence: 99%

“…Thereafter, it is checked if the request is for an SQLi attack or not. C. Shi et al [26] proposed a self-learning SQLi detection approach with a pattern  ISSN: 2089-3272 IJEEI, Vol. 9, No.…”

Section: Pattern Matching Approachesmentioning

confidence: 99%

“…There are numerous SQLi detection approaches to diminish such attacks through SQLi vulnerability exploitation. These detection approaches can be of various types: detection using pattern matching [24][25][26][27][28][29][30][31][32], learning-based detection [33][34][35][36][37][38][39][40][41][42][43], and other approaches [44][45][46][47][48][49].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

SQL Injection Vulnerability Detection Using Deep Learning: A Feature-based Approach

Hassan

Ahmad

Ghosh

2021

IJEEI

View full text Add to dashboard Cite

SQL injection (SQLi), a well-known exploitation technique, is a serious risk factor for database-driven web applications that are used to manage the core business functions of organizations. SQLi enables an unauthorized user to get access to sensitive information of the database, and subsequently, to the application's administrative privileges. Therefore, the detection of SQLi is crucial for businesses to prevent financial losses. There are different rules and learning-based solutions to help with detection, and pattern recognition through support vector machines (SVMs) and random forest (RF) have recently become popular in detecting SQLi. However, these classifiers ensure 97.33% accuracy with our dataset. In this paper, we propose a deep learningbased solution for detecting SQLi in web applications. The solution employs both correlation and chi-squared methods to rank the features from the dataset. Feed-forward network approach has been applied not only in feature selection but also in the detection process. Our solution provides 98.04% accuracy over 1,850 recorded datasets, where it proves its superior efficiency among other existing machine learning solutions.

show abstract