| Main authors: | , , , , , , |
|---|---|
| Format: | Preprint |
| Published: | 2023 |
| Subjects: | |
| Online access: | https://arxiv.org/abs/2312.13041 |

| _version_ | 1866910669488521216 |
|---|---|
| author | Tasdemir, Kasim; Khan, Rafiullah; Siddiqui, Fahad; Sezer, Sakir; Kurugollu, Fatih; Yengec-Tasdemir, Sena Busra; Bolat, Alperen |
| contents | Detecting SQL Injection (SQLi) attacks is crucial for web-based data center security, but it is challenging to balance accuracy and computational efficiency, especially in high-speed networks. Traditional methods struggle with this balance, while NLP-based approaches, although accurate, are computationally intensive. We introduce a novel cascade SQLi detection method, blending classical and transformer-based NLP models, achieving a 99.86% detection accuracy with significantly lower computational demands (20 times faster than using transformer-based models alone). Our approach is tested in a realistic setting and compared with 35 other methods, including Machine Learning-based and transformer models like BERT, on a dataset of over 30,000 SQL sentences. Our results show that this hybrid method effectively detects SQLi in high-traffic environments, offering efficient and accurate protection against SQLi vulnerabilities with computational efficiency. The code is available at https://github.com/gdrlab/cascaded-sqli-detection. |
| format | Preprint |
| id | arxiv_https___arxiv_org_abs_2312_13041 |
| institution | arXiv |
| publishDate | 2023 |
| record_format | arxiv |
| title | Advancing SQL Injection Detection for High-Speed Data Centers: A Novel Approach Using Cascaded NLP |
| topic | Cryptography and Security |
| url | https://arxiv.org/abs/2312.13041 |