Research Article Open Access

Machine Learning-Based Technique to Detect SQL Injection Attack

Muhammad Amirulluqman Azman1, Mohd Fadzli Marhusin1 and Rossilawati Sulaiman2
  • 1 Universiti Sains Islam Malaysia, Malaysia
  • 2 Universiti Kebangsaan Malaysia, Malaysia

Abstract

Lack of secure codes implemented in the web apps will lead to cyber-attack because of vulnerabilities. The statistic shows that highest record on the data theft related cyber-attacks are through the SQL injection technique. Hence, an effective SQL injection detection is needed in any web system to combat this threat. In this research, machine learning technique is used where training is provided to the SQL injection detector using a training data and then is evaluated against a testing data. The research relies on the preparation of the training and testing datasets. Training sets are used by the detector to establish the knowledge base and the test set is used to evaluate the performance of the detector. The result of the detection shows that the proposed technique produces high accuracy in recognizing malicious and benign web requests.

Journal of Computer Science
Volume 17 No. 3, 2021, 296-303

DOI: https://doi.org/10.3844/jcssp.2021.296.303

Submitted On: 31 December 2020 Published On: 27 March 2021

How to Cite: Azman, M. A., Marhusin, M. F. & Sulaiman, R. (2021). Machine Learning-Based Technique to Detect SQL Injection Attack. Journal of Computer Science, 17(3), 296-303. https://doi.org/10.3844/jcssp.2021.296.303

  • 4,045 Views
  • 4,313 Downloads
  • 16 Citations

Download

Keywords

  • Machine Learning
  • Signature-Based
  • Knowledge-Based
  • SQL Injection
  • SQL Injection Tools