DEVELOPING SQL INJECTION PREVENTION MODEL USING DEEP LEARNING TECHNIQUE

Abstract

Cyber security is the study of all aspects of communication security and privacy, and it is dedicated to protecting computer systems from attacks that compromise the hardware, software, or information. A Structured Query Language Injection is one of the most common cyber security attacks on the database of a web application. The attack is a common and dominating type of major web application assault, as well as one of the most serious cyber security threats in which hackers gain access to data. A hacker could simply gain unauthorized access to the web application's underlying database, giving them complete and total control of the system. Many methods and approaches for preventing Structured Query Language Injection Attacks have been developed by several researchers. A deep learning Convolutional Neural Network was used to create a model to prevent Structured Query Language Injection Attacks in this study. In this study, the primary data was collected from Kaggle (SQL injection attack dataset) and it contains a total of 4,199 number SQL injection attacks query and normal text. the data splitting used is 80%-20% for training and testing respectively Furthermore, 90%-10% of data partitioning has experimented. The experiment conducted suggests the 80%-20% data splitting achieved a good result, In addition, the proposed model was built using five different scenarios in the experiment. The scenarios have different parameters and hyperparamter values. Finally, according to the classification metrics report, the proposed model has a 97% accuracy in detecting and preventing Structured Query Injection Attacks while testing with unseen data. Finally, the proposed model produced promising results when tested on an unknown dataset.