Detection of SQL injection based on artificial neural network

The SQL injection, a common web attack, has been a challenging network security issue which causes annually millions of dollars of financial loss worldwide as well as a large amount of users’ privacy data leakage. This work presents a high accuracy SQL injection detection method based on neural netw...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Knowledge-based systems 2020-02, Vol.190, p.105528, Article 105528
Hauptverfasser: Tang, Peng, Qiu, Weidong, Huang, Zheng, Lian, Huijuan, Liu, Guozhen
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The SQL injection, a common web attack, has been a challenging network security issue which causes annually millions of dollars of financial loss worldwide as well as a large amount of users’ privacy data leakage. This work presents a high accuracy SQL injection detection method based on neural network. We first acquire authentic user URL access log data from the Internet Service Provider(ISP), ensuring that our approach is real, effective and practical. We then conduct statistical research on normal data and SQL injection data. Based on the statistical results, we design eight types of features and train an MLP model. The accuracy of the model maintains over 99%. Meanwhile, we compare and evaluate the training effect of other machine learning algorithms(LSTM, for example), the results reveal that the accuracy of our method is superior to the relevant machine learning algorithms.
ISSN:0950-7051
1872-7409
DOI:10.1016/j.knosys.2020.105528