Machine Learning Blunts the Needle of Advanced SQL Injections
MetadataShow full item record
SQL injection is one of the most popular and serious information security threats. By exploiting database vulnerabilities, attackers may get access to sensitive data or enable compromised computers to conduct further network attacks. Our research is focused on applying machine learning approaches for identication of injection characteristics in the HTTP query string. We compare results from Rule-based Intrusion Detection System, Support Vector Machines, Multilayer Perceptron, Neural Network with Dropout layers, and Deep Sequential Models (Long Short-Term Memory, and Gated Recurrent Units) using multiple string analysis, bag-of-word techniques, and word embedding for query string vectorization. Results proved benets of applying machine learning approach for detection malicious pattern in HTTP query string.
KeywordsSQL injection identication, machine learning, deep learning, recurrent neural networks, text analysis, web application firewall, intrusion detection system
Document typePeer reviewed
Document versionFinal PDF
SourceMendel. 2018 vol. 25, č. 1, s. 23-30. ISSN 1803-3814
- Vol. 25, No. 1