NETWORK'S ACCESS LOG CLASSIFICATION FOR DETECTING SQL INJECTION ATTACKS WITH THE LSTM ALGORITHM

Fajar Dzulnufrie Hafriadi; Rizka Ardiansyah

doi:10.52436/1.jutif.2024.5.4.2157

Fajar Dzulnufrie Hafriadi Informatics Engineering, Engineering, Universitas Tadulako, Indonesia
Rizka Ardiansyah Informatics Engineering, Engineering, Universitas Tadulako, Indonesia

DOI: https://doi.org/10.52436/1.jutif.2024.5.4.2157

Keywords: attack detection, LSTM, machine learning, SQL injection, web attacks

Abstract

SQL Injection attacks are one of the popular web attacks. This attack is a network security problem focused on the application layer which is one of the causes of a large number of user data leaks. Currently available SQL detection techniques mostly rely on manually created features. Generally, the detection results of SQL Injection attacks depend on the accuracy of feature extraction, so they cannot overcome increasingly complex SQL Injection attacks on various systems. Responding to these problems, this research proposes a SQL Injection attack detection method using the long short term memory (LSTM) algorithm. The LSTM algorithm can learn data characteristics effectively and has strong advantages in sorting data so that it can handle massive, high-dimensional data. The research results show that the accuracy of the model approach created is able to recognize objects with a high accuracy value of 98% in identifying SQL Injection attacks.

Downloads

Download data is not yet available.

References

G. C. Amaizu, C. I. Nwakanma, S. Bhardwaj, J. M. Lee, and D. S. Kim, “Composite and efficient DDoS attack detection framework for B5G networks,” Computer Networks, vol. 188, Apr. 2021, doi: 10.1016/j.comnet.2021.107871.

S. A. Reddy and B. Rudra, “Evaluation of Recurrent Neural Networks for Detecting Injections in API Requests,” in 2021 IEEE 11th Annual Computing and Communication Workshop and Conference, CCWC 2021, Institute of Electrical and Electronics Engineers Inc., Jan. 2021, pp. 936–941. doi: 10.1109/CCWC51732.2021.9376034.

W. Yang, M. N. Johnstone, S. Wang, N. M. Karie, N. M. bin Sahri, and J. J. Kang, “Network Forensics in the Era of Artificial Intelligence,” in Studies in Computational Intelligence, vol. 1025, Springer Science and Business Media Deutschland GmbH, 2022, pp. 171–190. doi: 10.1007/978-3-030-96630-0_8.

L. F. Sikos, “Packet analysis for network forensics: A comprehensive survey,” Forensic Science International: Digital Investigation, vol. 32. Elsevier Ltd, Mar. 01, 2020. doi: 10.1016/j.fsidi.2019.200892.

F. Yasin, Abdul Fadlil, and Rusydi Umar, “Identifikasi Bukti Forensik Jaringan Virtual Router Menggunakan Metode NIST,” Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi), vol. 5, no. 1, pp. 91–98, Feb. 2021, doi: 10.29207/resti.v5i1.2784.

J. Zhou, X. Luo, Q. Shen, and Z. Xu, Eds., Information and Communications Security, vol. 11999. in Lecture Notes in Computer Science, vol. 11999. Cham: Springer International Publishing, 2020. doi: 10.1007/978-3-030-41579-2.

R. K. Jothi, S. Balaji B, N. Pandey, P. Beriwal, and A. Amarajan, “An Efficient SQL Injection Detection System Using Deep Learning,” in Proceedings of 2nd IEEE International Conference on Computational Intelligence and Knowledge Economy, ICCIKE 2021, Institute of Electrical and Electronics Engineers Inc., Mar. 2021, pp. 442–445. doi: 10.1109/ICCIKE51210.2021.9410674.

B. Aruna and B. Usharani, “SQLID Framework in Order ToPerceive SQL Injection Attack on Web Application,” in IOP Conference Series: Materials Science and Engineering, IOP Publishing Ltd, 2020. doi: 10.1088/1757-899X/981/2/022013.

A. Rai, M. M. I. Miraz, D. Das, H. Kaur, and Swati, “SQL Injection: Classification and Prevention,” in Proceedings of 2021 2nd International Conference on Intelligent Engineering and Management, ICIEM 2021, Institute of Electrical and Electronics Engineers Inc., Apr. 2021, pp. 367–372. doi: 10.1109/ICIEM51511.2021.9445347.

I. S. Crespo-Martínez, A. Campazas-Vega, Á. M. Guerrero-Higueras, V. Riego-DelCastillo, C. Álvarez-Aparicio, and C. Fernández-Llamas, “SQL injection attack detection in network flow data,” Comput Secur, vol. 127, Apr. 2023, doi: 10.1016/j.cose.2023.103093.

S. S. Nagasundari and P. B. Honnavali, “SQL Injection Attack Detection using ResNet.” [Online]. Available: http://www.dockguard.co.uk/page.php?id=18’

H. Zhang, J. Zhao, B. Zhao, X. Yan, H. Yuan, and F. Li, “SQL injection detection based on deep belief network,” in ACM International Conference Proceeding Series, Association for Computing Machinery, Oct. 2019. doi: 10.1145/3331453.3361280.

C. Arumugam et al., “Prediction of SQL Injection Attacks in Web Applications,” in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Springer Verlag, 2019, pp. 496–505. doi: 10.1007/978-3-030-24305-0_37.

P. Roy, R. Kumar, and P. Rani, “SQL Injection Attack Detection by Machine Learning Classifier,” in 2022 International Conference on Applied Artificial Intelligence and Computing (ICAAIC), 2022, pp. 394–400. doi: 10.1109/ICAAIC53929.2022.9792964.

J. Hu, W. Zhao, and Y. Cui, “A Survey on SQL Injection Attacks, Detection and Prevention,” in ACM International Conference Proceeding Series, Association for Computing Machinery, Feb. 2020, pp. 483–488. doi: 10.1145/3383972.3384028.

P. Tang, W. Qiu, Z. Huang, H. Lian, and G. Liu, “Detection of SQL injection based on artificial neural network ✩,” vol. 190, p. 105528, 2020, doi: 10.1016/j.knosys.

K. Zhang, “A machine learning based approach to identify SQL injection vulnerabilities,” in Proceedings - 2019 34th IEEE/ACM International Conference on Automated Software Engineering, ASE 2019, Institute of Electrical and Electronics Engineers Inc., Nov. 2019, pp. 1286–1288. doi: 10.1109/ASE.2019.00164.

Q. Li, W. Li, J. Wang, and M. Cheng, “A SQL Injection Detection Method Based on Adaptive Deep Forest,” IEEE Access, vol. 7, pp. 145385–145394, 2019, doi: 10.1109/ACCESS.2019.2944951.

P. Tang, W. Qiu, Z. Huang, H. Lian, and G. Liu, “Detection of SQL injection based on artificial neural network ✩,” vol. 190, p. 105528, 2020, doi: 10.1016/j.knosys.

D. Chen, Q. Yan, C. Wu, and J. Zhao, “SQL Injection Attack Detection and Prevention Techniques Using Deep Learning,” in Journal of Physics: Conference Series, IOP Publishing Ltd, Feb. 2021. doi: 10.1088/1742-6596/1757/1/012055.

Dwi Kurnia Wibowo, Ahmad Luthfi, Yudi Prayudi, Erika Ramadhani, and Muhamad Maulana, “Faux Insider Hazard Investigation on Non-Public Cloud Computing by Using ADAM’s Technique,” Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi), vol. 6, no. 6, pp. 1028–1036, Dec. 2022, doi: 10.29207/resti.v6i6.4714.

R. Patria Avrianto, J. Dio Firizqi, R. Dwi Kurniawan, R. Eko Indrajit, and E. Dazki, “SELECTION OF PAYMENT METHODS IN ONLINE MARKETS USING ANALYTICAL HIERARCHICAL PROCESS,” Jurnal Teknik Informatika (JUTIF), vol. 3, no. 3, pp. 697–705, 2022, doi: 10.20884/1.jutif.2022.3.3.232.

X. Song, C. Chen, B. Cui, and J. Fu, “Malicious javascript detection based on bidirectional LSTM model,” Applied Sciences (Switzerland), vol. 10, no. 10, May 2020, doi: 10.3390/app10103440.

Z. shi Gao, Y. Su, Y. Ding, Y. dong Liu, X. an Wang, and J. wei Shen, “Key Technologies of Anomaly Detection Using PCA-LSTM,” in Advances in Intelligent Systems and Computing, Springer Verlag, 2020, pp. 246–254. doi: 10.1007/978-3-030-22263-5_24.

T. Y. Kim and S. B. Cho, “Optimizing CNN-LSTM neural networks with PSO for anomalous query access control,” Neurocomputing, vol. 456, pp. 666–677, Oct. 2021, doi: 10.1016/j.neucom.2020.07.154.

S. Hao, J. Long, and Y. Yang, “BL-IDS: Detecting Web Attacks Using Bi-LSTM Model Based on Deep Learning,” in Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST, Springer Verlag, 2019, pp. 551–563. doi: 10.1007/978-3-030-21373-2_45.

R. W. Kadhim and M. T. Gaata, “A hybrid of CNN and LSTM methods for securing web application against cross-site scripting attack,” Indonesian Journal of Electrical Engineering and Computer Science, vol. 21, no. 2, pp. 1022–1029, Feb. 2020, doi: 10.11591/ijeecs.v21.i2.pp1022-1029.

N. Gupta, V. Jindal, and P. Bedi, “LIO-IDS: Handling class imbalance using LSTM and improved one-vs-one technique in intrusion detection system,” Computer Networks, vol. 192, Jun. 2021, doi: 10.1016/j.comnet.2021.108076.

W. Zhang et al., “Deep Neural Network-Based SQL Injection Detection Method,” Security and Communication Networks, vol. 2022, 2022, doi: 10.1155/2022/4836289.