Open Access
Subscription Access
Detection of Structured Query Language Injection Attacks Using Machine Learning Techniques
This paper presents a comparative analysis of various machine learning classification models for structured query language injection prevention. The objective is to identify the best-performing model in terms of accuracy on a given dataset. The study utilizes popular classifiers such as Logistic Regression, Naive Bayes, Decision Tree, Random Forest, K-Nearest Neighbors, and Support Vector Machine. Based on the tests used to evaluate the performance of the classifiers, the Naïve Bayes gets the highest level of accurate detection. The results show a 97.06% detection rate for the Naïve Bayes, followed by LogisticRegression (0.9610), Support Vector Machine (0.9586), RandomForest (0.9530), DecisionTree (0.9069), and K-Nearest Neighbor (0.6937). The code snippet provided demonstrates the implementation and evaluation of these models.
Keywords
Classification models, SQL-I, Python, Machine learning, Evaluations
User
Font Size
Information
- Lu, D., Fei, J., & Liu, L. (2023). A semantic learning-based SQL injection attack detection technology. Electronics, 12(6), 1-22. https://doi.org/10.3390/electronics12061344
- Yunmar, R. A. (2018). Hybrid intrusion detection system using fuzzy logic inference engine for SQL injection attack. Kursor, 9(3), 83-93. https://doi.org/10.28961/kursor.v9i3.147
- Triloka, J., &Sutedi, H. (2022). Detection of SQL Injection Attack Using Machine Learning Based on Natural Language Processing. International Journal of Artificial Intelligence Research, 6(2).
- Demilie, W. B., &Deriba, F. G. (2022). Detection and prevention of SQLI attacks and developing compressive framework using machine learning and hybrid techniques. Journal of Big Data, 9(1), 1-30. https://doi.org/10.1186/s40537-022-00678-0
- Daniyal, A., Maha, A., &Suaad, A. (2022, 09). Detection of SQL Injection Attack Using Machine Learning Techniques: A Systematic Literature Review. Journal of Cybersecurity and Privacy, 2, 764-777.
- Vähäkainu, P., &Lehto, M. (2019). Artificial intelligence in the cyber security environment. In Proceedings of the 14th International Conference on CyberWarfare and Security (pp. 431-440). Stellenbosch: ICCWS 2019.
- Satapathy, S., Govardhan, A., Raju, K., & Mandal, J. (2015). SQL Injection Detection and Correction Using Machine Learning Techniques. Advances in Intelligent Systems and Computing, 435–442.
- Halfond, W. G. J., &Orso, A. (2005). AMNESIA: Analysis and monitoring for NEutralizing SQL-injection attacks. In ASE ‘05: Proceedings of the 20th IEEE/ACM international conference on automated software engineering (pp. 174-183). https://doi.org/10.1145/1101908.1101935
- Zhang, W., Yueqin, L., Xiaofeng, L., Shao, M., Mi, Y., Zhang, H., &Zhi, G. (2022). Deep neural network-based SQL injection detection method. Security and Communication Networks, 2022, 1-9. https://doi.org/10.1155/2022/4836289
- Theobald, O. (2019). Machine Learning with python. In O. Theobald. Scatterplot Press.
Abstract Views: 54
PDF Views: 34