Traditional rule-based and signature-based methods face limitations in effectively identifying evolving attack techniques. To address this challenge, we propose a Detection SQL Injection Attack framework (DSQLIA), which enhances the accuracy of machine learning (ML) algorithms in detecting SQLIA. In the propose framework, we leverage Natural Language Processing (NLP) and feature engineering. NLP techniques applied to analyze the textual content of SQL queries and extract meaningful information for distinguishing between legitimate and malicious queries. Relevant features capturing the unique characteristics of SQL injection attacks identified and created through feature engineering. In the framework we evaluate different ML algorithms, including decision trees, support vector machines (SVM), and artificial neural networks (ANN) on a dataset. An accuracy, precision, recall, and F1-score performance metrics used to assess algorithm effectiveness. The results showed that the SVM algorithm achieves the highest accuracy of 0.994, followed by the decision tree with 0.975, and the ANN with 0.966. This highlights the improved performance of SVM in accurately classifying SQL queries. By combining feature engineering and NLP techniques, the DSQLIA model enhances ML accuracy in SQL injection detection, offering a valuable approach to mitigating the risks posed by these vulnerabilities in web applications.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Improving Machine Learning Accuracy in Detecting SQL Injection Attack Using NLP and Feature Engineering

  • Amjad Rattrout,
  • Majdi Jaradat,
  • Rashid Jayousi

摘要

Traditional rule-based and signature-based methods face limitations in effectively identifying evolving attack techniques. To address this challenge, we propose a Detection SQL Injection Attack framework (DSQLIA), which enhances the accuracy of machine learning (ML) algorithms in detecting SQLIA. In the propose framework, we leverage Natural Language Processing (NLP) and feature engineering. NLP techniques applied to analyze the textual content of SQL queries and extract meaningful information for distinguishing between legitimate and malicious queries. Relevant features capturing the unique characteristics of SQL injection attacks identified and created through feature engineering. In the framework we evaluate different ML algorithms, including decision trees, support vector machines (SVM), and artificial neural networks (ANN) on a dataset. An accuracy, precision, recall, and F1-score performance metrics used to assess algorithm effectiveness. The results showed that the SVM algorithm achieves the highest accuracy of 0.994, followed by the decision tree with 0.975, and the ANN with 0.966. This highlights the improved performance of SVM in accurately classifying SQL queries. By combining feature engineering and NLP techniques, the DSQLIA model enhances ML accuracy in SQL injection detection, offering a valuable approach to mitigating the risks posed by these vulnerabilities in web applications.