Improving Machine Learning Accuracy in Detecting SQL Injection Attack Using NLP and Feature Engineering
摘要
Traditional rule-based and signature-based methods face limitations in effectively identifying evolving attack techniques. To address this challenge, we propose a Detection SQL Injection Attack framework (DSQLIA), which enhances the accuracy of machine learning (ML) algorithms in detecting SQLIA. In the propose framework, we leverage Natural Language Processing (NLP) and feature engineering. NLP techniques applied to analyze the textual content of SQL queries and extract meaningful information for distinguishing between legitimate and malicious queries. Relevant features capturing the unique characteristics of SQL injection attacks identified and created through feature engineering. In the framework we evaluate different ML algorithms, including decision trees, support vector machines (SVM), and artificial neural networks (ANN) on a dataset. An accuracy, precision, recall, and F1-score performance metrics used to assess algorithm effectiveness. The results showed that the SVM algorithm achieves the highest accuracy of 0.994, followed by the decision tree with 0.975, and the ANN with 0.966. This highlights the improved performance of SVM in accurately classifying SQL queries. By combining feature engineering and NLP techniques, the DSQLIA model enhances ML accuracy in SQL injection detection, offering a valuable approach to mitigating the risks posed by these vulnerabilities in web applications.