دانشگاه سمنان

 آمار

تعداد نشریات21
تعداد شماره‌ها610
تعداد مقالات9,028
تعداد مشاهده مقاله67,082,875
تعداد دریافت فایل اصل مقاله7,656,353
AL-Maliki, Manar, Jasim, Mahdi. (1402). Comparison study for NLP using machine learning techniques to detecting SQL injection vulnerabilities. نشریه هنرهای کاربردی, 14(8), 283-290. doi: 10.22075/ijnaa.2022.28365.4098
Manar Hasan Ali AL-Maliki; Mahdi Nsaif Jasim. "Comparison study for NLP using machine learning techniques to detecting SQL injection vulnerabilities". نشریه هنرهای کاربردی, 14, 8, 1402, 283-290. doi: 10.22075/ijnaa.2022.28365.4098
AL-Maliki, Manar, Jasim, Mahdi. (1402). 'Comparison study for NLP using machine learning techniques to detecting SQL injection vulnerabilities', نشریه هنرهای کاربردی, 14(8), pp. 283-290. doi: 10.22075/ijnaa.2022.28365.4098
AL-Maliki, Manar, Jasim, Mahdi. Comparison study for NLP using machine learning techniques to detecting SQL injection vulnerabilities. نشریه هنرهای کاربردی, 1402; 14(8): 283-290. doi: 10.22075/ijnaa.2022.28365.4098

Comparison study for NLP using machine learning techniques to detecting SQL injection vulnerabilities

International Journal of Nonlinear Analysis and Applications
مقاله 25، دوره 14، شماره 8، آبان 2023، صفحه 283-290    اصل مقاله (1.03 M)
نوع مقاله: Research Paper
شناسه دیجیتال (DOI): 10.22075/ijnaa.2022.28365.4098
نویسندگان
Manar Hasan Ali AL-Maliki* 1؛ Mahdi Nsaif Jasim2
1Computer Science Department, Informatics Institute for Postgraduate Studies, Iraq
2University of Information Technology and Communications, Iraq
تاریخ دریافت: 23 خرداد 1401،  تاریخ بازنگری: 29 تیر 1401،  تاریخ پذیرش: 08 شهریور 1401 
چکیده
Due to the vast number of electronic attacks that occur on a daily basis, protecting users' data is extremely important in this age of technology. Nowadays, cyber security is regarded as a top priority. Thus, the preservation of user privacy and data security is essential. The SQL vulnerability isn't a new form of website attack; it's been around for a long time. However, it is a new attack nowadays. ML algorithms were used to solve the problem of detecting SQL Injection attacks on websites. By training seven ML algorithms on a batch of data comprising SQL injection queries, including (Naive Bayes, Neural-Network, SVM, Random-Forest, KNN, and Logistic Regression) and choosing the best model that gives the highest accuracy. In comparison to previous studies, high-precision data were obtained, with the Naive-Bayes algorithm achieving 0.99 accuracies, 0.98 precision, 1.00 recall, and a 0.99 f1-score. In this paper, experiences, work schedules, and outcomes are examined. Compared to other methods, this naive Bayes approach has proven to be quite accurate in identifying SQL injection threats.
کلیدواژه‌ها
Security؛ Attacks؛ SQL injection؛ Machine learning؛ Deep learning
مراجع

[1] J. Abirami, R. Devakunchari and C. Valliyammai, A top web security vulnerability SQL injection attack—survey, Seventh Int. Conf. Adv. Comput., 2015, pp. 1–9.

[2] A. Alam, M. Tahreen, M.M. Alam, S.A. Mohammad and S. Rana, SCAMM: detection and prevention of SQL injection attacks using a machine learning approach, PhD diss. Brac University, 2021.

[3] M. Al-Maliki and M. Jasim, Review of SQL injection attacks: detection, to enhance the security of the website

from client-side attacks, Int. J. Nonlinear Anal. Appl. 13 (2022), no. 1, 3773–3782.

[4] N. Gandhi, J. Patel, R. Sisodiya, N. Doshi and S. Mishra, A CNN-BiLSTM based approach for detection of SQL injection attacks, Proc. 2nd IEEE Int. Conf. Comput. Intell. Knowl. Econ. ICCIKE, 2021, pp. 378–383.

[5] J. Harefa, G. Prajena, A. Alexander, A. Muhamad, E.V.S. Dewa and S. Yuliandry, SEA WAF: the prevention of SQL injection attacks on web applications, Adv. Sci. Technol. Eng. Syst. J. 6 (2021), no. 2, 405–411.

[6] M. Hill and D. Swinhoe, The 15 biggest data breaches of the 21st century, CSO Online, 2022.

[7] ¨ O. Kasim, An ensemble classification-based approach to detect attack level of SQL injections, J. Inf. Secur. Appl. 59 (2021), 102852.

[8] R.A. Katole, Parameter values of SQL query, 2018 2nd Int. Conf. Inven. Syst. Control, (2018), no. Icisc, 736–741.

[9] S.A. Krishnan, A.N. Sabu, P.P. Sajan and A.L. Sreedeep, SQL injection detection using machine learning, Rev. Gestao Inova,cao e Tecnol. 11 (2021), no. 3, 300–310.

[10] L. Ma, D. Zhao, Y. Gao and C. Zhao, Research on SQL injection attack and prevention technology based on web, Proc. 2nd Int. Conf. Comput. Network, Electron. Autom. ICCNEA, 2019, pp. 176–179.

[11] S. Mishra, SQL injection detection using machine learning, Master’s Projects, San Jose State University, 2019.

[12] M.T. Muslihi and D. Alghazzawi, Detecting SQL injection on web application using deep learning techniques: a systematic literature review, Third Int. Conf. Vocat. Educ. Electric. Engin. (ICVEE), 2020, pp. 1–6.

[13] K. Natarajan and S. Subramani, Generation of SQL-injection free secure algorithm to detect and prevent SQL injection attacks, Proc. Technol. 4 (2012), 790–796.

[14] OWASP, Top 10 web application security risks, https://owasp.org/www-project-top-ten/, 2021.

[15] T. Pattewar, H. Patil, H. Patil, N. Patil, M. Taneja and T. Wadile, Detection of SQL injection using machine learning: a survey, Int. Res. J. Eng. Technol. 6 (2019), no. 11, 239–246.

[16] V.B. Polinati, S.C. Nekkalapudi, N.S. Sanjana and R.V. Bhupathiraju, SQL injection prediction web app using different machine learning algorithms Vinod, J. Eng. Sci. 13 (2022), no. 4.

[17] K. Ross, SQL injection detection using machine learning techniques and multiple data sources, Department of Computer Science, Master’s Project, San Jose State University, 2018.

[18] P. Yaworski, Web hacking 101 how to make money hacking ethically,

https://dlib.hust.edu.vn/handle/HUST/19127, 2022.

[19] K. Zhang, A machine learning based approach to identify SQL injection vulnerabilities, 34th IEEE/ACM Int. Conf. Automated Software Engin., 2019, pp. 1286-1288.

آمار
تعداد مشاهده مقاله: 16,831
تعداد دریافت فایل اصل مقاله: 676


سامانه مدیریت نشریات علمی. قدرت گرفته از سیناوب