Book Chapter10.1007/978-981-19-7615-5_52
Detection SQL Injection Attacks Against Web Application by Using K-Nearest Neighbors with Principal Component Analysis
Eltin Srikarni Putri
- 01 Jan 2023
- pp 631-642
4
TL;DR: Wang et al. as mentioned in this paper proposed using a model to detect SQL injection attacks by applying machine learning algorithms, precisely the improved K-Nearest Neighbor algorithm, as the primary injection detection mechanism.
read more
Abstract: Web applications are exposed to many attacks, including SQL injection attacks, cross-site scripting, etc. This study will focus on attacks related to SQL-i. SQL-i injection leads to loss of confidentiality, integrity, and availability of data for users or organizations, as a result of which unauthorized persons have to access, update, and delete the user’s database, which leads to many risks at the individual or institutional level. Many methods for detecting SQL injection attacks include static analysis, dynamic analysis, and machine learning techniques. As a result, preventive measures must be implemented to combat the increased risk of SQL injection. This paper proposes using a model to detect these threats by applying machine learning algorithms, precisely the improved K-Nearest Neighbor algorithm, as the primary injection detection mechanism. Experiments show that applying the optimized K-Nearest Neighbor model with principal component analysis produces a dataset with significant advantages that improve model accuracy. After using the proposed model, the results showed good accuracy of 96.75% and time complexity, even with a difference in the number of features in the dataset used.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Artificial Intelligence-Based Model for Data Security and Mitigation Against SQL Injection Attacks in Web Applications
J. E. T. Akinsola,John E. Efiong,E. A. Olajubu,G. Aderounmu +3 more
- 16 Nov 2023
TL;DR: Performance evaluation of the ML algorithms using a 10-fold cross-validation approach revealed that IBK is the best classifier, achieving impressive results with 99.999% accuracy, 100.00% true negative, 0.01% false positive, 100.00% true positive, as well as 0.00% false negative.
1
Analyzing SQL payloads using logistic regression in a big data environment
Omar Salah F. Shareef,Rehab Flaih Hasan,Ammar Hatem Farhan +2 more
TL;DR: This study proposes an approach to protect big data from SQLIA attacks by using logistic regression and the Spark ML library. The approach achieved high accuracy and reduced the time consumed to classify SQL payloads.
A Comprehensive Evaluation of Machine Learning Algorithms for Web Application Attack Detection with Knowledge Graph Integration
Muhusina Ismail,Saed Alrabaee,Kim‐Kwang Raymond Choo,Luqman Ali,Saad Harous +4 more
SQL Injection Detection Using RNN Deep Learning Model
Abdulbasit Alazzawi
TL;DR: This research proposes a novel method for detecting SQL injection attacks using recurrent neural networks (RNN), which are a type of deep learning model that can capture the syntax and semantic features of SQL queries, and achieves high accuracy and outperformed the rule-based methods.
References
Principal component analysis
Hervé Abdi,Lynne J. Williams +1 more
TL;DR: Principal component analysis (PCA) as discussed by the authors is a multivariate technique that analyzes a data table in which observations are described by several inter-correlated quantitative dependent variables, and its goal is to extract the important information from the table, to represent it as a set of new orthogonal variables called principal components, and display the pattern of similarity of the observations and of the variables as points in maps.
A Brief Review of Nearest Neighbor Algorithm for Learning and Classification
Kashvi Taunk,Sanjukta De,Srishti Verma,Aleena Swetapadma +3 more
- 15 May 2019
TL;DR: This paper highlights the kNN method and its modified versions available in previously done researches and suggests variants that remove the weaknesses of kNN and provide a more efficient method.
666
An Introduction to Data Mining
Charu C. Aggarwal
- 01 Jan 2015
TL;DR: “Data mining” is a broad umbrella term used to describe these different aspects of data processing that are encountered in real applications.
234
Principal Component Analysis
Sidharth P. Mishra,U. Sarkar,Subhash Taraphder,Sanjoy Datta,Devi Prasanna Swain,Reshma Saikhom,Sasmita Panda,Menalsh Laishram +7 more
TL;DR: This chapter considers classical and robust principal component analysis (PCA), used to explain the dispersion structure with a few linear combinations of the original variables, called principal components.
156
Multi-fault Condition Monitoring of Slurry Pump with Principle Component Analysis and Sequential Hypothesis Test
TL;DR: A new method about the multi-fault condition monitoring of slurry pump based on principal component analysis (PCA) and sequential probability ratio test (SPRT) is proposed.
61