Saved in:
Bibliographic Details
Main Authors: Tasdemir, Kasim, Khan, Rafiullah, Siddiqui, Fahad, Sezer, Sakir, Kurugollu, Fatih, Yengec-Tasdemir, Sena Busra, Bolat, Alperen
Format: Preprint
Published: 2023
Subjects:
Online Access:https://arxiv.org/abs/2312.13041
Tags: Add Tag
No Tags, Be the first to tag this record!
Table of Contents:
  • Detecting SQL Injection (SQLi) attacks is crucial for web-based data center security, but it is challenging to balance accuracy and computational efficiency, especially in high-speed networks. Traditional methods struggle with this balance, while NLP-based approaches, although accurate, are computationally intensive. We introduce a novel cascade SQLi detection method, blending classical and transformer-based NLP models, achieving a 99.86% detection accuracy with significantly lower computational demands-20 times faster than using transformer-based models alone. Our approach is tested in a realistic setting and compared with 35 other methods, including Machine Learning-based and transformer models like BERT, on a dataset of over 30,000 SQL sentences. Our results show that this hybrid method effectively detects SQLi in high-traffic environments, offering efficient and accurate protection against SQLi vulnerabilities with computational efficiency. The code is available at https://github.com/gdrlab/cascaded-sqli-detection .