Recently, the internet posed various dangers, including cyberattacks, data breaches, and exposure to inappropriate content. Implementing a “Web Application Firewall (WAF)” is essential to safeguard applications from these threats by filtering and monitoring HTTP traffic. SQL injection (SQLi) is among the most dangerous vulnerabilities in web applications, posing a significant threat to the confidentiality, integrity, and availability of database systems. This paper introduces a novel, real-time WAF system (PWAFS) that leverages a unique combination of optimized feature engineering and custom deep learning to detect and counter SQLi attacks. Specifically, the SQLi attack dataset was enhanced through Term Frequency-Inverse Document Frequency (TF-IDF) and Synthetic Minority Over-sampling Technique (SMOTE), creating a robust training framework. A custom deep learning architecture, the SQL Neural Network (SQLNN), is proposed alongside traditional machine learning algorithms such as Random Forest (RF), K-Nearest Neighbors (KNN), and Decision Tree (DT). The novelty lies in the development and integration of SQLNN with optimized data preprocessing, resulting in superior performance compared to conventional approaches. These models demonstrated exceptional performance, achieving accuracy exceeding 99%. The effectiveness of the models was evaluated using a confusion matrix to verify their ability to accurately identify malicious queries. The results indicate that utilizing machine and deep learning techniques, especially with improved data and algorithms, can greatly improve the detection and prevention of SQLi attacks.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Active Web Application Firewall for SQL Injection Attack Based on Artificial Intelligence

  • Aya Amer Zaki,
  • Saja J. Mohammed

摘要

Recently, the internet posed various dangers, including cyberattacks, data breaches, and exposure to inappropriate content. Implementing a “Web Application Firewall (WAF)” is essential to safeguard applications from these threats by filtering and monitoring HTTP traffic. SQL injection (SQLi) is among the most dangerous vulnerabilities in web applications, posing a significant threat to the confidentiality, integrity, and availability of database systems. This paper introduces a novel, real-time WAF system (PWAFS) that leverages a unique combination of optimized feature engineering and custom deep learning to detect and counter SQLi attacks. Specifically, the SQLi attack dataset was enhanced through Term Frequency-Inverse Document Frequency (TF-IDF) and Synthetic Minority Over-sampling Technique (SMOTE), creating a robust training framework. A custom deep learning architecture, the SQL Neural Network (SQLNN), is proposed alongside traditional machine learning algorithms such as Random Forest (RF), K-Nearest Neighbors (KNN), and Decision Tree (DT). The novelty lies in the development and integration of SQLNN with optimized data preprocessing, resulting in superior performance compared to conventional approaches. These models demonstrated exceptional performance, achieving accuracy exceeding 99%. The effectiveness of the models was evaluated using a confusion matrix to verify their ability to accurately identify malicious queries. The results indicate that utilizing machine and deep learning techniques, especially with improved data and algorithms, can greatly improve the detection and prevention of SQLi attacks.