SQL Injection Attack Detection Using Machine Learning Algorithm

Main Article Content

Taseer Muhammad
Hamayoon Ghafory

Abstract

The structured query language injection attack (SQLIA) is a well-known cyberattack targeting vulnerabilities in web-based applications; it is used to carry out illegal information control language, bypass confirmation measures, and get access to restricted data. There was some consideration given to existing systematic reviews in the literature. Contemporary systematic reviews frequently incorporate both older and more contemporary works in the topic. Therefore, we restricted ourselves to recently published works. For the current study, I used information from 2012 through 2020. Encryption, XML, design coordination, parsing, and machine learning are just some of the methods and systems that can be used to spot and prevent SQL injection attacks. The Machine Learning (ML) process, which has been proved to be important for SQLIA relief, is applied with the help of guarded coding. Machine learning approaches require a large amount of data for model preparation and only handle a few number of attack types. The use of ML methods may alleviate a particularly challenging vision impairment SQL injection attack. In the Waikato Climate for Data Exploration study, we looked at the following methods: Logistic Regression (LRN), Stochastic Gradient Descent (SDG), Sequential Minimal Optimization (SMO), Bayes Network (BNK), Instance-Based Learner (IBK), Multilayer Perceptron (MLP), Naive Bayes (NB), and J48. Wait (70%) and 10-fold Cross Validation assessment procedures were used to survey the presentation of the regulated learning grouping calculations to choose the optimal calculation. Accuracy values for SMO, IBK, and J48 were found to be 98.7785%, 98.4285%, and 98.2985% using the Cross Validation method, and 98.7956%, 98.1526%, and 100 using the Hold-Out method. Using the Cross Validation method SMO took IBK and J48 10.15 seconds, 0.06 seconds, and 14.12 seconds, whereas using the Hold-Out method SMO took 9.71 seconds, 0.16 seconds, and 14.28 seconds to construct their models. Based on the findings, IBK was chosen as the classifier for SQLIA detection and prevention since it was the fastest to train a model using the Cross Validation strategy and had the best overall performance. Not only is accuracy essential when choosing an algorithm for predictive analytics, but also a variety of performance assessment indicators.


 

Downloads

Download data is not yet available.

Article Details

How to Cite
Taseer Muhammad, & Hamayoon Ghafory. (2022). SQL Injection Attack Detection Using Machine Learning Algorithm. Mesopotamian Journal of CyberSecurity, 2022, 5–17. https://doi.org/10.58496/MJCS/2022/002
Section
Articles