UTAR Institutional Repository

Detection of SQL injection attack using machine learning

Tung, Tean Thong (2024) Detection of SQL injection attack using machine learning. Final Year Project, UTAR.


    Abstract

    The rapid proliferation of online services has led to a significant increase in the utilisation of the internet. User data is considered the most precious asset of the firm; nonetheless, databases are susceptible to many assaults and dangers. SQL injection (SQLI) refers to a specific type of security vulnerability that occurs when unauthorised SQL code is inserted into web applications to compromise databases, leading to potential consequences such as data breaches, server disruptions, and data loss within an organisational context. Based on the literature review findings, it has been observed that conventional techniques employed for detecting SQLI attacks often exhibit limitations in their effectiveness and suffer from various drawbacks. This work presents a novel real-time system for detecting SQLI attacks. The system utilises a machine learning approach to train and enhance its ability to identify and prevent SQLI attacks accurately. The machine learning algorithms employed in this study encompass Convolutional Neural Networks (CNN), Logistic Regression, Naïve Bayes Classifier, Support Vector Machine, and Random Forest. The system covers multiple stages: project pre-development, data pre-processing, feature selection, machine learning model selection, model training, model testing, implementation, and assessment. Integrating this system into the backend of the web application server would augment the safety and security measures of the online application. The system will undergo real-time monitoring through periodic analysis of website traffic statistics. Upon detection of a SQLI attack, the system will generate and transmit a comprehensive report to promptly warn the network administrator of the occurrence of the attack. This notification enables the administrator to undertake the necessary measures to address the vulnerability by applying appropriate patches to the web application.

    Item Type: Final Year Project / Dissertation / Thesis (Final Year Project)
    Subjects: T Technology > T Technology (General)
    T Technology > TD Environmental technology. Sanitary engineering
    Divisions: UNSPECIFIED
    Depositing User: ML Main Library
    Date Deposited: 23 Oct 2024 14:47
    Last Modified: 23 Oct 2024 14:47
    URI: http://eprints.utar.edu.my/id/eprint/6685
