An Experimental setup for Detecting SQLiAttacks using Machine Learning Algorithms
This was a project I started back in 2019 when I first learned about databases and cybersecurity. I was the lead author for this paper under the wonderful mentorship of Dr. Vinitha Subburaj.
The premise is to build a machine learning model that can detect any malicious SQL queries before it get injected into the databases. The training data consist of benign user input and malicious queries from the amazing community of Kaggle.
The results are very promising with >90% accuracy on most of the algorithms trained. In comparison to the state of the art, this is either on par or better and it works against multiple types of SQL injection Attacks (SLQIA).
More detailed discussion about results is in the paper linked below.
The future plan is to implement a sandbox-type website to showcase the model in practice.
Technologies:
- - Python
- - Scikit-learn
A snapshot of the results
