A Hybrid Approach for Detecting SQL-Injection Using Machine Learning Techniques

Hari Krishna; Jared Oluoch; Junghwan Kim

doi:10.5220/0013078100003899

A Hybrid Approach for Detecting SQL-Injection Using Machine Learning Techniques

Hari Krishna, Jared Oluoch, Junghwan Kim

2025

Abstract

SQL injection is a common web hacking technique that allows hackers to gain unauthorized access to a database. These database breaches may have far-reaching financial consequences to individuals, organizations, and the society. This paper introduces an innovative approach that combines Naive Bayes, Long Short-Term Memory (LSTM), and Random Forest to enhance the detection and mitigation of SQL injections. By extracting and analyzing data through the sequential application of Naive Bayes and LSTM algorithms, the proposed methodology uniquely synthesizes their outputs to inform a Random Forest classifier, aiming to optimize accuracy in identifying potential threats. The efficacy of this approach is validated through comprehensive testing, yielding a significant improvement in detection accuracy compared to conventional methods. Findings demonstrate the potential of integrating diverse machine learning techniques for cybersecurity applications and pave the way for future advancements in the automated detection of SQL injection and other similar cyber threats. The implications of this research extend to developing more secure web environments, ultimately contributing to the broader field of information security.

Download

Paper Citation

in Harvard Style

Krishna H., Oluoch J. and Kim J. (2025). A Hybrid Approach for Detecting SQL-Injection Using Machine Learning Techniques. In Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP; ISBN 978-989-758-735-1, SciTePress, pages 15-23. DOI: 10.5220/0013078100003899

in Bibtex Style

@conference{icissp25,
author={Hari Krishna and Jared Oluoch and Junghwan Kim},
title={A Hybrid Approach for Detecting SQL-Injection Using Machine Learning Techniques},
booktitle={Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP},
year={2025},
pages={15-23},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013078100003899},
isbn={978-989-758-735-1},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP
TI - A Hybrid Approach for Detecting SQL-Injection Using Machine Learning Techniques
SN - 978-989-758-735-1
AU - Krishna H.
AU - Oluoch J.
AU - Kim J.
PY - 2025
SP - 15
EP - 23
DO - 10.5220/0013078100003899
PB - SciTePress