SQL Injection Detection Based on Deep Belief Network

Abstract

At present, the ways for detecting SQL injection attacks include pre-compilation of SQL statements, filtering user input at the WEB layer to prevent SQL injection, such as filtering global parameters with Filter, strictly restricting the operation authority of the database, and trying to satisfy all. The lowest permissions for the operation, etc. The detection method for the SQL injection attack is mainly to analyze the incoming parameters to determine whether an illegal parameter is passed in. However, due to the poor real-time performance of the analyzed traffic content and the accuracy, the false positive rate is not ideal. Therefore, this paper proposes a deep learning-based approach to find SQL injection aggression. It does not need to analyze and extract all the content. It only needs to find out the features needed by the model. Entering these features into the model that is trained in advance can detect SQL injection attacks traffic in real time. This paper use deep learning to identify SQL injection attacks in network traffic. We select the target features according to the attack characteristics of the SQL injection attack and get request from url or post packet as train data; use the deep belief network (DBN) model to train the selected features and the collected sample data, and finally get an identifiable SQL Injection attack model. Finally find a best model for Detecting SQL injection, and achieve online and real-time detection.