INTELLIGENT WEB SECURITY: MACHINE LEARNING-BASED SQL INJECTION DETECTION AND HONEYPOT INTEGRATION

Authors: Prateek Naik, Kaushik, Aditya D R, Adithya Nayak K, Ananth Prabhu G
Organization: Sahyadri College of Engineering and Management

Category:

Keywords: Cybersecurity, honeypot deception, machine learning, real-time detection, SQL injection, threat intelligence, web application security, XGBoost
Abstract. SQL injection attacks remain a critical cybersecurity threat, with recent incidents causing over $2M in losses per breach. We present a machine learning-based detection system using XGBoost that achieves 99.58% accuracy on a dataset of 30,926 queries (63% benign, 37% malicious). The model demonstrates exceptional performance with a precision of 99.8% on malicious queries (Class 1) and 99.6% on benign queries (Class 0), while maintaining real-time detection latency below 50ms. A hybrid architecture integrates honeypot-based threat intelligence to block malicious IPs and adapt to new attack patterns. The comparative analysis shows 1.21% higher accuracy than the SVM baselines and 58% fewer false positives than previous work. This solution meets enterprise-scale requirements for web application security.
