Enhancing SQL Injection Prevention: Advanced Machine Learning and LSTM-Based Techniques

Authors

  • Ankita Ghosh Department of Computer Application, George College of Management & Science, Budge Budge Trunk Road, Chalkmir, Maheshtala, Kolkata - 700141, West Bengal, India
  • Sudip Diyasi Department of Computer Application, Global Institute of Science & Technology, GIST Campus, Hatiberia, Haldia, Purba Medinipur, West Bengal, 721657, India
  • Siddhartha Chatterjee Department of Computer Science and Engineering, College of Engineering and Management Kolaghat, KTPP Township, Purba Medinipur - 721171, West Bengal, India

DOI:

https://doi.org/10.63503/j.ijcma.2024.16

Keywords:

Cybersecurity, Machine Learning, SQL Injection, Deep Learning, Cyberattacks, Long Short-Term Memory

Abstract

A kind of cybercrime known as SQL injection lets attackers alter records by running bogus SQL queries into an input field. This could result from more serious security breaches, illegal access to sensitive data, and data corruption. Using Deep Learning and Machine Learning techniques can help to reduce the major threat, SQL Injection attacks on web systems provide. With the aim of reducing SQL Injection, we investigated the construction and evaluation of various distinct Machine Learning and Deep Learning models. Our work aimed to investigate, in comparison to advanced Deep Learning models, especially Long Short-Term Memory networks, the performance of standard Machine Learning models. We conducted thorough tests to assess every model's per-formance in identifying attempts at SQL Injection. The results show that com-pared to conventional Machine Learning models, Deep Learning models, mostly Long Short-Term Memory networks, have outstanding performance. Their rates of false positives are reduced, and they get more accuracy. The results show the strong resilience of Long Short-Term Memory networks as a suitable strategy to improve online application security against SQL Injection risks.

References

Bhardwaj, A., Jindal, H., & Singh, V. (2019). SQL injection attack detection and prevention using machine learning. International Journal of Innovative Technology and Exploring Engineering, 8(9), 2071-2075

Chakraborty, T., Gupta, A., & Agrawal, S. (2021). Deep learning-based SQL injection detection using character-level embedding. International Journal of Information Technology, 13(3), 1235-1243

Chen, Y., Chen, X., Xu, Z., & Jiang, J. (2020). SQL injection detection via machine learning approach. IEEE Access, 8, 184944-184951

Singh, A., & Kumar, P. (2019). SQL injection attack detection using neural networks. Journal of Infor-mation and Computational Science, 16(4), 111-118

Huang, J., & Wu, Y. (2021). SQL injection detection based on convolutional neural networks. IEEE Ac-cess, 9, 32679-32689

Kumar, S., & Das, A. (2019). Detection and prevention of SQL injection attacks using machine learning: A survey. International Journal of Engineering and Advanced Technology, 8(3), 701-706

Singh, S, Featured_Insights, Quadratyx, accessed June 05, 2024, <https://quadratyx.com/assets/resources/Featured_Insights/R_vs_Python_Why_learn_both.pdf>

Luo, X., & Wang, Z. (2019). A machine learning approach for SQL injection detection. International Journal of Network Security & Its Applications, 11(2), 19-28

Mehta, K., & Patel, S. (2021). Detection of SQL injection attacks using machine learning techniques. Journal of Computer Virology and Hacking Techniques, 17(2), 149-159

Mohammed, M., & Khan, S. (2020). SQL injection attack detection and prevention using machine learn-ing techniques. International Journal of Advanced Research in Computer Science and Software Engineer-ing, 10(4), 56-62

Zhang, H., & Zhang, L. (2021). Machine learning-based detection of SQL injection attacks in web appli-cations. Journal of Internet Technology, 22(4), 951-960

Abdelhamed, A. H., & Farid, M. R. (2020). Detecting SQL injection attacks using machine learning. Journal of Computer Networks and Communications, 2020, 1-10

Hoang, D. T., Huynh, T. N., Pham, H. T., & Tran, D. T. (2021). A novel approach for SQL injection detection using deep learning. Security and Communication Networks, 2021, 1-12

Li, J., & Li, X. (2021). SQL injection attack detection based on an improved convolutional neural net-work. IEEE Access, 9, 123456-123467

Zhang, Y., Wang, X., & Liu, H. (2022). A hybrid deep learning model for SQL injection detection. Jour-nal of Information Security and Applications, 65, 103028

Zhang, H., Ding, Y., Zhang, L., Duan, L., Zhang, C., Wei, T., Li, G., & Han, X. (2016). SQL injection pre-vention based on sensitive characters. Journal of Computer Research and Development, 53(10), 2262-2276

Al-Rubaye, S. A. S., & Al-Dabbagh, S. S. (2023). Enhanced Deep Learning Model for SQL Injection De-tection in Web Applications. Journal of Information Security and Applications, 72, 103327

Khan, R. A., & Ranjan, R. (2023). Deep Learning-Based Detection Technology for SQL Injection Research and Implementation. Applied Sciences, 13(5), 2531

Alghawazi, M., Alghazzawi, D., & Alarifi, S. (2023). Deep Learning Architecture for Detecting SQL In-jection Attacks Based on RNN Autoencoder Model. Mathematics, 11(15), 3286

Lam, H. P., & Nguyen, T. N. (2017). A survey of web application security testing tools. Journal of Computer Science and Cybernetics, 33(3), 233-253.

Downloads

Published

2024-07-31

How to Cite

Ankita Ghosh, Sudip Diyasi, & Siddhartha Chatterjee. (2024). Enhancing SQL Injection Prevention: Advanced Machine Learning and LSTM-Based Techniques. International Journal on Computational Modelling Applications, 1(1), 20–31. https://doi.org/10.63503/j.ijcma.2024.16

Issue

Vol. 1 No. 1 (2024)

Section

Research Articles