Scopus Indexed Publications

Paper Details


Title
Sql injection vulnerability detection using deep learning: A feature-based approach
Author
Md. Maruf Hassan, Tonmoy Ghosh,
Email
maruf.swe@diu.edu.bd
Abstract

SQL injection (SQLi), a well-known exploitation technique, is a serious risk factor for database-driven web applications that are used to manage the core business functions of organizations. SQLi enables an unauthorized user to get access to sensitive information of the database, and subsequently, to the application’s administrative privileges. Therefore, the detection of SQLi is crucial for businesses to prevent financial losses. There are different rules and learning-based solutions to help with detection, and pattern recognition through support vector machines (SVMs) and random forest (RF) have recently become popular in detecting SQLi. However, these classifiers ensure 97.33% accuracy with our dataset. In this paper, we propose a deep learning-based solution for detecting SQLi in web applications. The solution employs both correlation and chi-squared methods to rank the features from the dataset. Feed-forward network approach has been applied not only in feature selection but also in the detection process. Our solution provides 98.04% accuracy over 1,850+ recorded datasets, where it proves its superior efficiency among other existing machine learning solutions.

Keywords
SQL injection; injection vulnerability detection; machine learning; neural network
Journal or Conference Name
Indonesian Journal of Electrical Engineering and Informatics
Publication Year
2021
Indexing
scopus