Article

A Hybrid Approach to SQL Injection Detection using Machine Learning

Author : Mukkara Sirisha,B. Amarnadh Reddy

Despite the evolution of security measures, SQL injection remains a significant threat to web applications, enabling unauthorized access to databases and valuable information. With the sophistication of attack approaches increasing, traditional signature and rule based detection methods are less effective and thus more intelligent and adaptive detection solutions are required. It is based on a published set of SQL queries, both legit and malicious, from a wide range of web application scenarios from the past few years. The data contains features of the SQL-injection patterns at the keyword level, structural level and character level. Data preprocessing comprises query cleaning, feature extraction, categorical encoding, data normalization, class balancing and duplication removal to enhance the quality and model performance of the data. We create a hybrid detection model to enhance classification performance using various models and evaluate multiple ML classifiers such as DT, RF and XGBoost. The accuracy, precision, recall, f1 score and roc-auc are used to measure performance. The experimental results demonstrate that the hybrid model obtained the best detection effectiveness to be 99.3%, 99.1%, 99.4%, 99.2% and 99.6% for accuracy, precision, recall, F1-score, and ROCAUC, respectively, of the separate classifiers. The proposed framework can enhance SQL injection detection accuracy and provide a good basis for improving the security of modern Web applications.


Full Text Attachment
//