<p>SQL injection (SQLi) remains one of the most severe security threats to web applications, enabling attackers to manipulate backend databases through crafted malicious inputs. To address this challenge, this study introduces a context-aware SQLi detection framework that integrates Natural Language Processing (NLP) with both Machine Learning (ML) and Deep Learning (DL) techniques. The proposed framework employs the Universal Sentence Encoder (USE) to generate semantic and syntactic embeddings of SQL queries, allowing classifiers to capture contextual intent and complex linguistic relationships beyond traditional token-based approaches. Four ML models—Decision Tree (DT), K-Nearest Neighbors (KNN), Random Forest (RF), and Multi-Layer Perceptron (MLP)—were trained and compared to identify the most effective configuration. Experimental results showed that the MLPClassifier achieved the highest performance among all ML baselines, especially when combined with semantic embeddings generated by the USE. In the second phase, a DL architecture was developed and fine-tuned to develop the final DL model, consisting of five fully connected layers, one dropout layer, and optimized hyperparameters. Experimental results revealed that the proposed USE + MLP model achieved the fastest detection time of 0.73&#xa0;s (≈ 1.08 × 10⁻⁴ s per query). Furthermore, the DL-based model combined with USE embeddings achieved the highest accuracy of 99.85%, with both False Positive Rate (FPR) and False Negative Rate (FNR) equal to 0.14%, confirming its suitability for real-time attack detection.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Enhancing SQL Injection Detection Using Contextual Natural Language Processing method and Artificial Intelligence Techniques

  • Rezan Bakır,
  • Halit Bakir

摘要

SQL injection (SQLi) remains one of the most severe security threats to web applications, enabling attackers to manipulate backend databases through crafted malicious inputs. To address this challenge, this study introduces a context-aware SQLi detection framework that integrates Natural Language Processing (NLP) with both Machine Learning (ML) and Deep Learning (DL) techniques. The proposed framework employs the Universal Sentence Encoder (USE) to generate semantic and syntactic embeddings of SQL queries, allowing classifiers to capture contextual intent and complex linguistic relationships beyond traditional token-based approaches. Four ML models—Decision Tree (DT), K-Nearest Neighbors (KNN), Random Forest (RF), and Multi-Layer Perceptron (MLP)—were trained and compared to identify the most effective configuration. Experimental results showed that the MLPClassifier achieved the highest performance among all ML baselines, especially when combined with semantic embeddings generated by the USE. In the second phase, a DL architecture was developed and fine-tuned to develop the final DL model, consisting of five fully connected layers, one dropout layer, and optimized hyperparameters. Experimental results revealed that the proposed USE + MLP model achieved the fastest detection time of 0.73 s (≈ 1.08 × 10⁻⁴ s per query). Furthermore, the DL-based model combined with USE embeddings achieved the highest accuracy of 99.85%, with both False Positive Rate (FPR) and False Negative Rate (FNR) equal to 0.14%, confirming its suitability for real-time attack detection.