2021
DOI: 10.52549/.v9i3.3131
|View full text |Cite
|
Sign up to set email alerts
|

SQL Injection Vulnerability Detection Using Deep Learning: A Feature-based Approach

Abstract: SQL injection (SQLi), a well-known exploitation technique, is a serious risk factor for database-driven web applications that are used to manage the core business functions of organizations. SQLi enables an unauthorized user to get access to sensitive information of the database, and subsequently, to the application's administrative privileges. Therefore, the detection of SQLi is crucial for businesses to prevent financial losses. There are different rules and learning-based solutions to help with detection, a… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
5
0

Year Published

2022
2022
2024
2024

Publication Types

Select...
4
1

Relationship

0
5

Authors

Journals

citations
Cited by 5 publications
(5 citation statements)
references
References 66 publications
0
5
0
Order By: Relevance
“…The precision score of 0.99 was achieved for the developed model in this research and the research by [27], however, the precision that determine the exactness of the model developed in this research for the detection and prevention of SQLiA in DBMS environment outperformed that of [27] as well as [28] with a score of 0.99782 superseding 0.993 and 0.97 for [27] and [29] respectively. The recall performance score recorded in this research which entails the measure of the completeness of the performance of detection of SQLiA achieved 0.99781, against that of [27], F1-score of 0.99781 with a significant difference against [23] as well as [27], though, [27] score 0.9934 that is slightly above 0.99, [29] had the worst performance score of 0.989, the robustness of the developed detection and prevent model for SQLiA in DBMS environment have established its optimality capability across all performance metrics relevant in the field of this research area. Though specificity and FPR was not recorded for the baseline journal model, this research used the performance metrics based on the fact that they are being employed for analysis engaging detection-based machine learning models, the developed detection and prevention model achieved the scores of 0.99409 and 0.00591 for specificity and FPR respectively, showing the efficient capability in detection of SQLiA in DBMS environment…”
Section: Resultsmentioning
confidence: 69%
See 2 more Smart Citations
“…The precision score of 0.99 was achieved for the developed model in this research and the research by [27], however, the precision that determine the exactness of the model developed in this research for the detection and prevention of SQLiA in DBMS environment outperformed that of [27] as well as [28] with a score of 0.99782 superseding 0.993 and 0.97 for [27] and [29] respectively. The recall performance score recorded in this research which entails the measure of the completeness of the performance of detection of SQLiA achieved 0.99781, against that of [27], F1-score of 0.99781 with a significant difference against [23] as well as [27], though, [27] score 0.9934 that is slightly above 0.99, [29] had the worst performance score of 0.989, the robustness of the developed detection and prevent model for SQLiA in DBMS environment have established its optimality capability across all performance metrics relevant in the field of this research area. Though specificity and FPR was not recorded for the baseline journal model, this research used the performance metrics based on the fact that they are being employed for analysis engaging detection-based machine learning models, the developed detection and prevention model achieved the scores of 0.99409 and 0.00591 for specificity and FPR respectively, showing the efficient capability in detection of SQLiA in DBMS environment…”
Section: Resultsmentioning
confidence: 69%
“…Hassan et al [23] proposed a deep neural network-based technique for the detection of SQL injection vulnerability. The proposed method which is targeted at addressing the challenging effects associated with financial loss in business, application compromise and administrative exploit claimed to have outperformed existing methods in detections of SQL injection attack with the accuracy of 98.04% over 1850 dataset records, however, improve performance can be recorded if a significantly available dataset is used for training the machine learning algorithms.…”
Section: Related Workmentioning
confidence: 99%
See 1 more Smart Citation
“…The feature extraction stage produced a set of SQL injection data features in the form of a one-dimensional array as its final result (Hassan et al, 2021). This stage will be using the "Reshape" algorithm to reformat the data in order to arrange it for its subsequent conversion to a two-dimensional array using Equation ( 2).…”
Section: Reshape Data Stagementioning
confidence: 99%
“…For the detection of SQL injection vulnerabilities in a web application using deep learning, Maruf Hassan et al [8] recommended extracting numerous web application discovering points. The portion on SQL injection vulnerability prediction relied heavily on the deep learning component, which was extensively discussed in the article.…”
Section: Literature Reviewmentioning
confidence: 99%