Description: |
SQL (Structured Query Language) injection is one of the most prevalent and dangerous forms of cyber-attack, posing significant threats to database management systems and the overall security of web applications. By exploiting vulnerabilities in web applications, attackers can execute malicious SQL statements, potentially compromising the integrity and confidentiality of critical data. To combat these threats, in this study we introduce two novel CNN models, SIDNet-1 (SQL Injection-attack Detection Network-1) and SIDNet-2 (SQL Injection-attack Detection Network-2), specifically designed for the classification of SQL injection attacks to bolster web application security. Our comprehensive evaluation includes a comparison of the performance of these customized CNN models against traditional machine learning approaches, highlighting improvements in classification accuracy and reductions in false alarm rates. The proposed models were evaluated on two publicly available datasets, SQLI (SQL-Injection) and SQLIV2 (SQL-Injection version 2). Specifically, SIDNet-1 achieves an impressive accuracy of 98.02% on the SQLI dataset, while SIDNet-2 closely follows with 97.54%. Furthermore, on the SQLIV2 dataset, SIDNet-1 attains 97.77% accuracy and SIDNet-2 achieves 97.83%. |