Litcius/Paper detail

Long short‐term memory on abstract syntax tree for SQL injection detection

Zhengjia Zhuo, Tie Cai, Xingyao Zhang, Fengmao Lv

2021IET Software30 citationsDOIOpen Access PDF

Abstract

Abstract SQL injection attack (SQLIA) is a code injection technique, used to attack data‐driven applications by executing malicious SQL statements. Techniques like pattern matching, software testing and grammar analysis etc. are frequently used to prevent such attack. However, major bottlenecks still remain in detecting SQLIA with bypassing techniques, getting access to source code and requiring an additional manual operation to extract features. The authors propose a novel detection approach based on long short‐term memory and abstract syntax tree, which could detect SQLIAs from the raw query strings and work under SQL detection bypassing scenario. Our deep learning technique explicitly uses both context and syntax information that previous methods failed to fully grasp. Experimental results clearly illustrate the superior performance of our method compared to other existing works when detecting with complete SQL raw queries.

Topics & Concepts

Computer scienceSQL injectionStored procedureSQLAbstract syntax treeProgramming languageSyntaxLanguage Integrated QueryQuery by ExampleData Transformation ServicesTree (set theory)PL/SQLContext (archaeology)Artificial intelligenceInformation retrievalSearch enginePaleontologyBiologyWeb search queryMathematicsMathematical analysisWeb Application Security VulnerabilitiesSecurity and Verification in ComputingDigital and Cyber Forensics