IET Software (Apr 2021)

Long short‐term memory on abstract syntax tree for SQL injection detection

  • Z. Zhuo,
  • T. Cai,
  • X. Zhang,
  • F. Lv

DOI
https://doi.org/10.1049/sfw2.12018
Journal volume & issue
Vol. 15, no. 2
pp. 188 – 197

Abstract

Read online

Abstract SQL injection attack (SQLIA) is a code injection technique, used to attack data‐driven applications by executing malicious SQL statements. Techniques like pattern matching, software testing and grammar analysis etc. are frequently used to prevent such attack. However, major bottlenecks still remain in detecting SQLIA with bypassing techniques, getting access to source code and requiring an additional manual operation to extract features. The authors propose a novel detection approach based on long short‐term memory and abstract syntax tree, which could detect SQLIAs from the raw query strings and work under SQL detection bypassing scenario. Our deep learning technique explicitly uses both context and syntax information that previous methods failed to fully grasp. Experimental results clearly illustrate the superior performance of our method compared to other existing works when detecting with complete SQL raw queries.

Keywords