Machine Learning Blunts the Needle of Advanced SQL Injections

Marina Volkova; Petr Chmelar; Lukas Sobotka

doi:10.13164/mendel.2019.1.023

Mendel (Jun 2019)

Machine Learning Blunts the Needle of Advanced SQL Injections

Marina Volkova,
Petr Chmelar,
Lukas Sobotka

Affiliations

Marina Volkova: GREYCORTEX, Brno, Czech Republic
Petr Chmelar: GREYCORTEX, Brno, Czech Republic
Lukas Sobotka: GREYCORTEX, Brno, Czech Republic

DOI: https://doi.org/10.13164/mendel.2019.1.023
Journal volume & issue: Vol. 25, no. 1

Abstract

Read online

SQL injection is one of the most popular and serious information security threats. By exploiting database vulnerabilities, attackers may get access to sensitive data or enable compromised computers to conduct further network attacks. Our research is focused on applying machine learning approaches for identication of injection characteristics in the HTTP query string. We compare results from Rule-based Intrusion Detection System, Support Vector Machines, Multilayer Perceptron, Neural Network with Dropout layers, and Deep Sequential Models (Long Short-Term Memory, and Gated Recurrent Units) using multiple string analysis, bag-of-word techniques, and word embedding for query string vectorization. Results proved benets of applying machine learning approach for detection malicious pattern in HTTP query string.

Published in Mendel

ISSN: 1803-3814 (Print); 2571-3701 (Online)
Publisher: Brno University of Technology
Country of publisher: Czechia
LCC subjects: Science: Mathematics: Instruments and machines: Electronic computers. Computer science
Website: https://mendel-journal.org

About the journal

Abstract

Keywords