An ensemble classification-based approach to detect attack level of SQL injections

Kasım, Ömer

doi:10.1016/j.jisa.2021.102852

Cited by 20 publications

(13 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Supervised Learning Methods: Support Vector Machines (SVM), Random Forests, and Neural Networks are some examples of supervised learning algorithms that have been used in projects. [3][4] These models were trained on labeled datasets to figure out whether a query was normal or malicious. Unsupervised learning approaches: There's also work involving unsupervised learning to detect anomalous query patterns without needing labeled data, using clustering techniques and anomaly detection algorithms like the Isolation Forest.…”

Section: Methodsmentioning

confidence: 99%

Enhanced Network Security against SQL Injection Attack Using Machine Learning

Joshi,

Oza

2024

Preprint

View full text Add to dashboard Cite

SQL injection attacks pose a significant risk to the security of computer networks. These attacks have the potential to gain unauthorized access to sensitive data, modify or remove data, or even render entire websites and databases inoperable. Conventional techniques for identifying and stopping SQL injection attacks are frequently resource-intensive, rendering them unfeasible for devices that manage substantial amounts of traffic. The objective of the proposed research is to improve the identification and prevention of structured query language injection attacks (SQLIAs) in web applications, with a specific focus on attaining a high rate of detection while minimizing false alarms. We utilized flow data obtained from several SQL injection attack scenarios that specifically targeted widely-used database engines. We obtained a high level of accuracy in identifying and mitigating these assaults by utilizing machine learning methods, specifically logistic regression. The method we used showed a detection rate over 98% and a false alarm rate below 0.029%. The results demonstrate substantial enhancements in the prevention of unauthorized access and the protection of sensitive information within databases. The results of our research align with or surpass current techniques, offering enhanced security for web applications. The model’s exceptional accuracy and minimal false alarm rate provide a groundbreaking method for detecting SQL injection attacks.

show abstract

Section: Methodsmentioning

confidence: 99%

Enhanced Network Security against SQL Injection Attack Using Machine Learning

Joshi,

Oza

2024

Preprint

View full text Add to dashboard Cite

show abstract

“…The discoveries of their appraisal uncovered that instead of evaluating the viability of current SQLIA identification methods, most of scholastics focused on proposing components to identify and moderate SQL injection attacks (SQLIAs). An instrument to distinguish deceitful SQL inquiries was created by Kasim [13]. For the order systems to find different levels of SQL injection, choice tree techniques were used.…”

Section: Literature Reviewmentioning

confidence: 99%

SQL Injection Attack Detection Using Machine Learning Algorithm

Muhammad

Ghafory

2022

MJCS

View full text Add to dashboard Cite

One of the most widely recognised cyber-assaults against web-based application weaknesses is the structured query language injection attack (SQLIA), which is utilised to execute unlawful information control language, evade confirmation strategies, and access confined information. Some published systematic reviews were considered in this area. Older and more current papers in the field are often included in more recent systematic reviews. As a result, all of the publications we looked at were recent. I used data from 2012 to 2020 for the present analysis. There are a few techniques and systems for identifying and forestalling SQLIA, including encryption, XML, design coordinating, parsing, and machine learning. Guarded coding is utilised to apply Machine Learning (ML) procedure, which has been shown to be significant for SQLIA alleviation. The machine learning approach needs a ton of information to prepare models really and support a few attack types. An extremely difficult visually impaired SQL injection attack might be relieved utilizing ML procedures. An exploratory examination of Logistic Regression (LRN), Stochastic Gradient Descent (SDG), Sequential Minimal Optimization (SMO), Bayes Network (BNK), Instance-Based Learner (IBK), Multilayer Perceptron (MLP), Naive Bayes (NBS), and J48 was completed in the Waikato Climate for Information Investigation. The presentation of the regulated learning grouping calculations was surveyed utilizing Wait (70%) and 10-crease Cross Validation appraisal methods to decide the best calculation. According to the findings of the Cross Validation approach, SMO, IBK, and J48 had accuracy values of 98.7785%, 98.4285%, and 98.2985%, respectively, while the Hold-Out technique revealed accuracy values of 98.7956%, 98.1526%, and 100 for SMO, IBK, and J48. In contrast, IBK and J48 needed 10.15 seconds, 0.06 seconds, and 14.12 seconds, respectively, to create their models using the Cross Validation approach SMO, whereas they needed 9.71 seconds, 0.16 seconds, and 14.28 seconds, respectively, to develop their models using the Hold-Out technique SMO. According to the results, IBK was selected as the classifier for SQLIA detection and prevention since it required the least amount of time to develop a model using the Cross Validation approach and performed better than other candidates in terms of accuracy, sensitivity, and specificity. For the best algorithm selection for predictive analytics, various performance assessment measures are also crucial in addition to accuracy.

show abstract

“…The author of [37] has designed a method to detect malicious SQL queries. The DT technique was used for the classification processes to detect different levels of SQLI.…”

Section: Related Workmentioning

confidence: 99%

Detection and prevention of SQLI attacks and developing compressive framework using machine learning and hybrid techniques

Demilie¹,

Deriba²

2022

J Big Data

View full text Add to dashboard Cite

A web application is a software system that provides an interface to its users through a web browser on any operating system (OS). Despite their growing popularity, web application security threats have become more diverse, resulting in more severe damage. Malware attacks, particularly SQLI attacks, are common in poorly designed web applications. This vulnerability has been known for more than two decades and is still a source of concern. Accordingly, different techniques have been proposed to counter SQLI attacks. However, the majority of them either fail to cover the entire scope of the problem. The structured query language injection (SQLI) attack is among the most harmful online application attacks and often happens when the attacker(s) alter (modify), remove (delete), read, and copy data from database servers. All facets of security, including confidentiality, data integrity, and data availability, can be impacted by a successful SQLI attack. This paper investigates common SQLI attack forms, mechanisms, and a method of identifying, detecting, and preventing them based on the existence of the SQL query. Here, we have developed a comprehensive framework for detecting and preventing the effectiveness of techniques that address specific issues following the essence of the SQLI attacks by using traditional Navies Bayes (NB), Decision Trees (DT), Support Vectors Machine (SVM), Random Forests (RF), Logistic Regression (LR), and Neural Networks Based on Multilayer Perceptron (MLP), and hybrid approach are used for our study. The machine learning (ML) algorithms were implemented using the Keras library, while the classical methods were implemented using the Tensor Flow-Learn package. For this proposed research work, we gathered 54,306 pieces of data from weblogs, cookies, session usage, and from HTTP (S) request files to train and test our model. The performance evaluation results for training set in metrics such as the hybrid approach (ANN and SVM) perform better accuracies in precision (99.05% and 99.54%), recall (99.65% and 99.61%), f1-score (99.35% and 99.57%), and training set (99.20% and 99.60%) respectively than other ML approaches. However, their training time is too high (i.e., 19.62 and 26.16 s respectively) for NB and RF. Accordingly, the NB technique performs poorly in accuracy, precision, recall, f1-score, training set evaluation metrics, and best in training time. Additionally, the performance evaluation results for test set in metrics such as hybrid approach (ANN and SVM) perform better accuracies in precision (98.87% and 99.20%), recall (99.13% and 99.47%), f1-score (99.00% and 99.33%) and test set (98.70% and 99.40%) respectively than other ML approaches. However, their test time is too high (i.e., 11.76 and 15.33 ms respectively). Accordingly, the NB technique performs poorly in accuracy, precision, recall, f1-score, test set evaluation metrics, and best in training time. Here, among the implemented ML techniques, SVM and ANN are weak learners. The achieved performance evaluation results indicated that the proposed SQLI attack detection and prevention mechanism has been improved over the previously implemented techniques in the theme. Finally, in this paper, we aimed to keep researchers up-to-date, with contributions, and recommendations to the understanding of the intersection between SQLI attacks and prevention in the artificial intelligence (AI) field.

show abstract

An ensemble classification-based approach to detect attack level of SQL injections

Cited by 20 publications

References 6 publications

Enhanced Network Security against SQL Injection Attack Using Machine Learning

Enhanced Network Security against SQL Injection Attack Using Machine Learning

SQL Injection Attack Detection Using Machine Learning Algorithm

Detection and prevention of SQLI attacks and developing compressive framework using machine learning and hybrid techniques

Contact Info

Product

Resources

About