A Novel Technique for Ensuring Data Integrity on Machine Learning Techniques Against SQL Injection Attacks
摘要
SQL Injection Attack is one of the most dangerous kinds of web-based service attacker, mainly relating to the web services that deal with confidential data, such as banks, financial institutions, and health sectors. In such an attack, an attacker injects fictitious SQL commands into a targeted online applications’ database server with a view to taking access to sensitive data. SQL injection remains one of the most common threats to database security, which compromises data integrity and exposes sensitive data to malicious exploitation. The paper discusses a new paradigm in preventing such attacks by using machine learning techniques to identify and patch vulnerabilities in real time. The proposed model will classify malicious versus legitimate inputs using a supervised learning approach developed on a wide range of SQL query datasets. In such a system, the integration of anomaly detection with feature extraction techniques picks up very minute patterns that are usually missed by traditional rule-based approaches. Results have shown increased detection of complex SQL injection attempts with very low false positives. This work therefore goes to show how machine learning could enhance database security frameworks and, in addition, open up new avenues for innovation in the protection of vital data systems.