| Abstract: |
People’s lifestyles have changed significantly in the new era of high digitization and informatization due to the development of artificial intelligence and the internet. The increasingly complex network environment in this new era has made traditional cyber attack detection less effective, prompting the use of deep learning technologies in the field of network security. Many types of attacks, such as SQL (Structured Query Language) injection, Cross-Site Scripting (XSS), and command injection, can be extremely damaging to web applications and databases. The identification of malevolent SQL queries has become crucial in the ever-evolving field of cybersecurity to protect data integrity. This research presents a thorough analysis of deep learning models for classifying malicious SQL queries from legitimate ones. The dataset for this research was obtained from Kaggle.com, consisting of labeled SQL queries. We proposed a novel deep learning model, SQLGuardNet, which is a lightweight, multi-branch architecture designed for enhanced SQL query classification. SQLGuardNet consists of three branches: Branch 1 is a Transformer block with a multi-head attention layer, Branch 2 incorporates a 1D convolutional layer, and Branch 3 employs a Recurrent Neural Network (RNN) with Long Short-Term Memory (LSTM) units. These branches are subsequently merged through a concatenation layer. With a total of 3.31M parameters (approximately 12.62 MB), SQLGuardNet is both efficient and powerful. The model achieves a remarkable test accuracy of 99.89% for dataset1 and 99.10% for dataset2. Additionally, soft voting accuracy for SQLGuardNet was 98.14% for dataset1 and 97.46% for dataset2. Furthermore, SQLGuardNet achieves 99.12% test accuracy on dataset-3 and soft voting accuracy was 97.46%. In order to better understand the contributions of individual components to the model’s performance, several ablation studies were performed. 
First, we evaluated the impact of removing the Transformer block (Branch 1), the 1D convolutional layer (Branch 2), and the RNN-LSTM (Branch 3) separately. Additionally, we tested the model with each branch individually in isolation to assess their independent effectiveness. The results demonstrate that each branch contributes significantly to the overall performance of SQLGuardNet, and the multi-branch architecture, coupled with the soft voting mechanism, significantly enhances the detection of SQL-based attacks. This study emphasizes how SQLGuardNet can be a highly effective and efficient tool in bolstering cybersecurity defenses against SQL injection and related attacks. [ABSTRACT FROM AUTHOR] |
|
Copyright of Signal, Image & Video Processing is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. |