SQL-GENIE: SQL Protection using GENerative Modeling for Anomaly Detection against Injection and Evolved Adversarial Attacks

In an age where data drives innovation and online interactions are integral to daily life, ensuring the security of web applications and databases has never been more critical. The growing surge and sophistication of large-scale SQL injection (SQLi) attacks highlight the urgent need for advanced det...

Full description

Saved in:
Bibliographic Details
Published in:Proceedings : annual International Computer Software and Applications Conference pp. 459 - 464
Main Authors: Afrin, Sadia, Elsayed, Marwa A., Zincir-Heywood, Nur
Format: Conference Proceeding
Language:English
Published: IEEE 08.07.2025
Subjects:
Adversarial Attack
Anomaly detection
Computational modeling
Contamination
Cybersecurity
Data models
Generative adversarial networks
Generative Modeling
Software
SQL injection
Surge protection
Surges
Technological innovation
ISSN:2836-3795
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In an age where data drives innovation and online interactions are integral to daily life, ensuring the security of web applications and databases has never been more critical. The growing surge and sophistication of large-scale SQL injection (SQLi) attacks highlight the urgent need for advanced detection mechanisms to protect sensitive information, especially in cloud-based environments. This paper presents SQL-GENIE, a novel approach that leverages generative modeling to strengthen modern application security, improve anomaly detection, and address emerging challenges in data protection. SQL-GENIE leverages two feature embedding techniques across two different datasets and contrasts their performance against Generative Adversarial Networks (GAN)- under various contamination rates to analyze and detect SQLi attacks, including typical and sophisticated adversarial forms. Our proposed GAN model performs the best with FastText when applied to our benchmark dataset of typical SQLI, achieving F1-score of 92.7% on attack data with a 10% contamination rate. Additionally, it demonstrates an F1-score of 98.6% on the adversarial dataset, highlighting its robustness against evolved SQLi threats.
ISSN:2836-3795
DOI:10.1109/COMPSAC65507.2025.00066