Analysing the Application of Machine Learning Techniques for Detecting SQL Injection Vulnerabilities in Web Applications
摘要
In the rapidly growing sector of web development, there exists a vulnerability to attacks like SQL injection. SQL injection attacks pose serious security vulnerabilities that are focused on compromising data security and integrity of the system. SQL injection is vulnerable to web-based application that use SQL for database management. SQL injection utilizes SQL vulnerabilities in the code through the empty fields that are required to be filled by the user which provides the attacker an access to confidential data of the compromised system. These attacks happen primarily on underdeveloped and low-quality websites. Though, there are many precautions that can be taken by the developer to avoid SQL injection attacks. However, these precautions fail to cover the entire scope of the problem. Due to the versatility of SQL injections, precautions fall behind in detecting altered or new approaches of such kind of attacks. Recent studies urge the need to utilize machine learning techniques to detect and mitigate SQL injection vulnerabilities in web applications. As general precautions and traditional signature-based detection methods lack standardized structure which results in poor detection of SQL injection attacks. Several studies explore different techniques and machine learning algorithms to enhance the capability to detect and mitigate SQL injection vulnerabilities in web applications. This study analyses such techniques and algorithms to conclude the utility of machine learning approach in this domain and a SVM model is implemented to detect SQL injections and monitor the change in its performance after tuning several aspects of the model like datasets, data pre-processing, and data manipulation.