Litcius/Paper detail

A CNN-BiLSTM based Approach for Detection of SQL Injection Attacks

Neel Gandhi, Jaykumar Patel, Rajdeepsinh Sisodiya, Nishant Doshi, Shakti Mishra

202143 citationsDOI

Abstract

Web application attacks concerned with Structured Query Language Injection(SQLI) have been a major threat in the field of cybersecurity. SQLI attacks majorly lead to leakage of user's data leading to data manipulation, updation and deletion in database management system. Traditional techniques used to prevent SQLI injections include rule-based matching and other related methods that are limited to a few number of SQL injections. Major concern regarding SQLI attacks relates to invention of new malicious SQL queries by hackers to perform SQLI attacks. The problem can be effectively dealt with use of machine learning algorithms for prediction of SQLI attacks. Paper proposes a hybrid CNN-BiLSTM based approach for SQLI attack detection. The proposed CNN-BiLSTM model had significant accuracy of 98% and superior performance compared to other machine learning algorithms. Also, paper presents a comparative study of different types of machine learning algorithms used for the purpose of SQLI attack detection. The study shows the performance of various algorithms based on accuracy, precision, recall, and F1 score with respect to proposed CNN-BiLSTM model in detection of SQL injection attacks.

Topics & Concepts

SQL injectionComputer scienceSQLMachine learningArtificial intelligenceLanguage Integrated QueryData miningDatabaseQuery by ExampleInformation retrievalSearch engineWeb search queryWeb Application Security VulnerabilitiesNetwork Security and Intrusion DetectionSecurity and Verification in Computing