SQL Injection Attack is one of the most dangerous kinds of web-based service attacker, mainly relating to the web services that deal with confidential data, such as banks, financial institutions, and health sectors. In such an attack, an attacker injects fictitious SQL commands into a targeted online applications’ database server with a view to taking access to sensitive data. SQL injection remains one of the most common threats to database security, which compromises data integrity and exposes sensitive data to malicious exploitation. The paper discusses a new paradigm in preventing such attacks by using machine learning techniques to identify and patch vulnerabilities in real time. The proposed model will classify malicious versus legitimate inputs using a supervised learning approach developed on a wide range of SQL query datasets. In such a system, the integration of anomaly detection with feature extraction techniques picks up very minute patterns that are usually missed by traditional rule-based approaches. Results have shown increased detection of complex SQL injection attempts with very low false positives. This work therefore goes to show how machine learning could enhance database security frameworks and, in addition, open up new avenues for innovation in the protection of vital data systems.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A Novel Technique for Ensuring Data Integrity on Machine Learning Techniques Against SQL Injection Attacks

  • T. Upender,
  • K. Srujan Raju,
  • P. Kiran Kumar,
  • V. Srujana,
  • G. Sudha

摘要

SQL Injection Attack is one of the most dangerous kinds of web-based service attacker, mainly relating to the web services that deal with confidential data, such as banks, financial institutions, and health sectors. In such an attack, an attacker injects fictitious SQL commands into a targeted online applications’ database server with a view to taking access to sensitive data. SQL injection remains one of the most common threats to database security, which compromises data integrity and exposes sensitive data to malicious exploitation. The paper discusses a new paradigm in preventing such attacks by using machine learning techniques to identify and patch vulnerabilities in real time. The proposed model will classify malicious versus legitimate inputs using a supervised learning approach developed on a wide range of SQL query datasets. In such a system, the integration of anomaly detection with feature extraction techniques picks up very minute patterns that are usually missed by traditional rule-based approaches. Results have shown increased detection of complex SQL injection attempts with very low false positives. This work therefore goes to show how machine learning could enhance database security frameworks and, in addition, open up new avenues for innovation in the protection of vital data systems.