Detection of SQL Injection Attacks: A Machine Learning Approach
Document Type
Conference Proceeding
Source of Publication
2019 International Conference on Electrical and Computing Technologies and Applications, ICECTA 2019
Publication Date
11-1-2019
Abstract
© 2019 IEEE. With the rapid growth in online services, hacking (alternatively attacking) on online database applications has become a grave concern now. Attacks on online database application are being frequently reported. Among these attacks, the SQL injection attack is at the top of the list. The hackers alter the SQL query sent by the user and inject malicious code therein. Hence, they access the database and manipulate the data. It is reported in the literature that the traditional SQL injection detection algorithms fail to prevent this type of attack. In this paper, we propose a machine learning based heuristic algorithm to prevent the SQL injection attack. We use a dataset of 616 SQL statements to train and test 23 different machine learning classifiers. Among these classifiers, we select the best five classifiers based on their detection accuracy and develop a Graphical User Interface (GUI) application based on these five classifiers. We test our proposed algorithm and the results show that our algorithm is able to detect the SQL injection attack with a high accuracy (93.8%).
DOI Link
ISBN
9781728155326
Publisher
Institute of Electrical and Electronics Engineers Inc.
Disciplines
Computer Sciences
Keywords
classifiers, Database application, database Security, machine learning, SQL detection, SQL injection
Scopus ID
Recommended Citation
Hasan, Musaab; Balbahaith, Zayed; and Tarique, Mohammed, "Detection of SQL Injection Attacks: A Machine Learning Approach" (2019). All Works. 1223.
https://zuscholars.zu.ac.ae/works/1223
Indexed in Scopus
yes
Open Access
no