English

SQLi Detection with ML: A data-source perspective

Cryptography and Security 2023-04-25 v1 Machine Learning

Abstract

Almost 50 years after the invention of SQL, injection attacks are still top-tier vulnerabilities of today's ICT systems. Consequently, SQLi detection is still an active area of research, where the most recent works incorporate machine learning techniques into the proposed solutions. In this work, we highlight the shortcomings of the previous ML-based results focusing on four aspects: the evaluation methods, the optimization of the model parameters, the distribution of utilized datasets, and the feature selection. Since no single work explored all of these aspects satisfactorily, we fill this gap and provide an in-depth and comprehensive empirical analysis. Moreover, we cross-validate the trained models by using data from other distributions. This aspect of ML models (trained for SQLi detection) was never studied. Yet, the sensitivity of the model's performance to this is crucial for any real-life deployment. Finally, we validate our findings on a real-world industrial SQLi dataset.

Keywords

Cite

@article{arxiv.2304.12115,
  title  = {SQLi Detection with ML: A data-source perspective},
  author = {Balazs Pejo and Nikolett Kapui},
  journal= {arXiv preprint arXiv:2304.12115},
  year   = {2023}
}

Comments

Extended version of an accepted paper at SECRYPT 2023

R2 v1 2026-06-28T10:15:51.239Z