SQLi Detection with ML: A Data-Source Perspective

Balázs Pejó, Nikolett Kapui

2023

Abstract

Almost 50 years after the invention of SQL, injection attacks are still top-tier vulnerabilities of today’s ICT systems. In this work, we highlight the shortcomings of previous Machine Learning-based results and fill the identified gaps by providing a comprehensive empirical analysis. We cross-validate the trained models using data from other distributions, which was never studied in relation to SQLi. Finally, we validate our findings on a real-world industrial SQLi dataset.

Paper Citation


in Harvard Style

Pejó B. and Kapui N. (2023). SQLi Detection with ML: A Data-Source Perspective. In Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-666-8, SciTePress, pages 642-648. DOI: 10.5220/0012050100003555


in Bibtex Style

@conference{secrypt23,
author={Balázs Pejó and Nikolett Kapui},
title={SQLi Detection with ML: A Data-Source Perspective},
booktitle={Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2023},
pages={642-648},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012050100003555},
isbn={978-989-758-666-8},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - SQLi Detection with ML: A Data-Source Perspective
SN - 978-989-758-666-8
AU - Pejó B.
AU - Kapui N.
PY - 2023
SP - 642
EP - 648
DO - 10.5220/0012050100003555
PB - SciTePress