Bibliographic details
Main authors: Tasdemir, Kasim, Khan, Rafiullah, Siddiqui, Fahad, Sezer, Sakir, Kurugollu, Fatih, Yengec-Tasdemir, Sena Busra, Bolat, Alperen
Format: Preprint
Published: 2023
Online access: https://arxiv.org/abs/2312.13041
_version_ 1866910669488521216
author Tasdemir, Kasim
Khan, Rafiullah
Siddiqui, Fahad
Sezer, Sakir
Kurugollu, Fatih
Yengec-Tasdemir, Sena Busra
Bolat, Alperen
contents Detecting SQL Injection (SQLi) attacks is crucial for web-based data center security, but it is challenging to balance accuracy and computational efficiency, especially in high-speed networks. Traditional methods struggle with this balance, while NLP-based approaches, although accurate, are computationally intensive. We introduce a novel cascade SQLi detection method, blending classical and transformer-based NLP models, achieving a 99.86% detection accuracy with significantly lower computational demands: 20 times faster than using transformer-based models alone. Our approach is tested in a realistic setting and compared with 35 other methods, including Machine Learning-based and transformer models like BERT, on a dataset of over 30,000 SQL sentences. Our results show that this hybrid method effectively detects SQLi in high-traffic environments, offering efficient and accurate protection against SQLi vulnerabilities with computational efficiency. The code is available at https://github.com/gdrlab/cascaded-sqli-detection .
format Preprint
id arxiv_https___arxiv_org_abs_2312_13041
institution arXiv
publishDate 2023
record_format arxiv
title Advancing SQL Injection Detection for High-Speed Data Centers: A Novel Approach Using Cascaded NLP
topic Cryptography and Security
url https://arxiv.org/abs/2312.13041