Evaluating CNN Effectiveness in SQL Injection Attack Detection

Abstract

SQL injection attacks are among the most prominent threats against Web application security, intended to illegitimately access sensitive information by exploiting related vulnerabilities. Their detection with traditional rule-based approaches is futile in view of this evolving nature and complexity of SQL Injection Attack (SQLIA). This paper proposes a new approach towards detecting SQLIA using Convolutional Neural Networks, one of the deep learning techniques very famous for its capability of automatically learning intricate patterns and representations from large-scale datasets. We focus on leveraging this strength of CNNs while working on the structure and semantics of SQL queries to help in differentiating malicious and benign inputs. In this paper, we describe a detailed method-ology that includes data preprocessing, feature extraction, model training, and evaluation. In this paper, we propose a CNN model trained and tested using a large dataset containing 109,520 SQL queries with an accuracy of 97.41%. Further, we have tested the efficiency of the model with the help of precision, recall, and F1-score, and it turned out to be effective for the identification and classifications of SQLIA properly. The model showed high precision, 96.50%, and high recall, 99.00%, which gives it the capability to reduce false positives and false negatives. The balanced F1-score was 97.00%, thereby confirming that this model performed well in detecting and classifying SQLIAs. These results may indicate that deep learning techniques, and particularly CNNs, have some potential to be very useful in enhancing web application security by providing a robust, adaptive solution for mitigating risks caused by SQL injection attacks.