SQL-GENIE: SQL Protection using GENerative Modeling for Anomaly Detection against Injection and Evolved Adversarial Attacks
In an age where data drives innovation and online interactions are integral to daily life, ensuring the security of web applications and databases has never been more critical. The growing surge and sophistication of large-scale SQL injection (SQLi) attacks highlight the urgent need for advanced det...
Uloženo v:
| Vydáno v: | Proceedings : annual International Computer Software and Applications Conference s. 459 - 464 |
|---|---|
| Hlavní autoři: | , , |
| Médium: | Konferenční příspěvek |
| Jazyk: | angličtina |
| Vydáno: |
IEEE
08.07.2025
|
| Témata: | |
| ISSN: | 2836-3795 |
| On-line přístup: | Získat plný text |
| Tagy: |
Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
|
| Abstract | In an age where data drives innovation and online interactions are integral to daily life, ensuring the security of web applications and databases has never been more critical. The growing surge and sophistication of large-scale SQL injection (SQLi) attacks highlight the urgent need for advanced detection mechanisms to protect sensitive information, especially in cloud-based environments. This paper presents SQL-GENIE, a novel approach that leverages generative modeling to strengthen modern application security, improve anomaly detection, and address emerging challenges in data protection. SQL-GENIE leverages two feature embedding techniques across two different datasets and contrasts their performance against Generative Adversarial Networks (GAN)- under various contamination rates to analyze and detect SQLi attacks, including typical and sophisticated adversarial forms. Our proposed GAN model performs the best with FastText when applied to our benchmark dataset of typical SQLI, achieving F1-score of 92.7% on attack data with a 10% contamination rate. Additionally, it demonstrates an F1-score of 98.6% on the adversarial dataset, highlighting its robustness against evolved SQLi threats. |
|---|---|
| AbstractList | In an age where data drives innovation and online interactions are integral to daily life, ensuring the security of web applications and databases has never been more critical. The growing surge and sophistication of large-scale SQL injection (SQLi) attacks highlight the urgent need for advanced detection mechanisms to protect sensitive information, especially in cloud-based environments. This paper presents SQL-GENIE, a novel approach that leverages generative modeling to strengthen modern application security, improve anomaly detection, and address emerging challenges in data protection. SQL-GENIE leverages two feature embedding techniques across two different datasets and contrasts their performance against Generative Adversarial Networks (GAN)- under various contamination rates to analyze and detect SQLi attacks, including typical and sophisticated adversarial forms. Our proposed GAN model performs the best with FastText when applied to our benchmark dataset of typical SQLI, achieving F1-score of 92.7% on attack data with a 10% contamination rate. Additionally, it demonstrates an F1-score of 98.6% on the adversarial dataset, highlighting its robustness against evolved SQLi threats. |
| Author | Elsayed, Marwa A. Zincir-Heywood, Nur Afrin, Sadia |
| Author_xml | – sequence: 1 givenname: Sadia surname: Afrin fullname: Afrin, Sadia organization: Dalhousie University,Computer Science – sequence: 2 givenname: Marwa A. surname: Elsayed fullname: Elsayed, Marwa A. organization: Western University,Department of Computer Science – sequence: 3 givenname: Nur surname: Zincir-Heywood fullname: Zincir-Heywood, Nur email: zincir@cs.dal.ca organization: Dalhousie University,Faculty of Computer Science |
| BookMark | eNo1jN9OwjAchavRRETewMS-wLBd_3u3zIkkIBj0mpTuN1IcndnqEuLLi1Guzsn3nZxrdBGaAAjdUTKmlJj7fDFfrrJcCkHUOCWpGBNCpDxDI6OMZowKxRkX52iQaiYTpoy4QtddtyOESS3SAfpevc6SSfEyLR7wseJl20Rw0TcBf3U-bPHRQWuj7wHPmxLqX1Y1Lc5Cs7f1AT_CaW-31ocu4mnYnUgocdE3dQ8lzsoe2s623tY4i9G6j-4GXVa27mD0n0P0_lS85c_JbDGZ5tks8VTpmBhaau6c4MQJ7VSlq1KSlGntpOOUUCXBGGmU5BtOSss4I3ZDN8K41IEFx4bo9u_XA8D6s_V72x7WlNJUKirZD4tZYTM |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IH CBEJK RIE RIO |
| DOI | 10.1109/COMPSAC65507.2025.00066 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan (POP) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP) 1998-present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISBN | 9798331574345 |
| EISSN | 2836-3795 |
| EndPage | 464 |
| ExternalDocumentID | 11126716 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IH ALMA_UNASSIGNED_HOLDINGS CBEJK RIE RIO |
| ID | FETCH-LOGICAL-i178t-91d84cc540c58c7f8fd602388c6c410176e9969764b40da3430ab1b59c2ceaec3 |
| IEDL.DBID | RIE |
| ISICitedReferencesCount | 0 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=001575960000058&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| IngestDate | Wed Sep 03 07:09:36 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i178t-91d84cc540c58c7f8fd602388c6c410176e9969764b40da3430ab1b59c2ceaec3 |
| PageCount | 6 |
| ParticipantIDs | ieee_primary_11126716 |
| PublicationCentury | 2000 |
| PublicationDate | 2025-July-8 |
| PublicationDateYYYYMMDD | 2025-07-08 |
| PublicationDate_xml | – month: 07 year: 2025 text: 2025-July-8 day: 08 |
| PublicationDecade | 2020 |
| PublicationTitle | Proceedings : annual International Computer Software and Applications Conference |
| PublicationTitleAbbrev | COMPSAC |
| PublicationYear | 2025 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0036852 |
| Score | 1.9143093 |
| Snippet | In an age where data drives innovation and online interactions are integral to daily life, ensuring the security of web applications and databases has never... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 459 |
| SubjectTerms | Adversarial Attack Anomaly detection Computational modeling Contamination Cybersecurity Data models Generative adversarial networks Generative Modeling Software SQL injection Surge protection Surges Technological innovation |
| Title | SQL-GENIE: SQL Protection using GENerative Modeling for Anomaly Detection against Injection and Evolved Adversarial Attacks |
| URI | https://ieeexplore.ieee.org/document/11126716 |
| WOSCitedRecordID | wos001575960000058&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LTwIxEG6EePCED4zv9OB1ZZ9t1xvBRUkQMWjCjXSnhWB0MbCQGP-8ne6uevHgrWl306SPmWn7fd8QcimjqfQCyZyI-4FjPLTrpK6IHXzxAU-Brwp1_T4fDMR4HA9LsrrlwmitLfhMX2HRvuWrBazxqqzlId_FBPg1UuOcFWStyuyikLpfArg8N251Hu6Ho3aHoV6XOQb6eHXiohbiryQq1od0G__sfZc0f9h4dPjtZ_bIls72SaNKx0DL3XlAPkePfec2GfSSa2qK-E9ugVYZRXT7jJo2XQh9U0yBhkR0amJW2s4Wb_L1g97o6ns5k3MTN9Je9lLVZIomxpRttKI2ifNK4tKl7TxHln6TPHeTp86dU-ZWcOYeF7mxcUqEACZeg0gAn4qpYui-BTAIcZsybU5CJlYJ09BVMggDV6ZeGsXgg5YagkNSzxaZPiIUoeQq4lPup0EIqYyN__OYGwcgUl-G7Jg0cTAn74V8xqQax5M_6k_JDs6XxcSKM1LPl2t9TrZhk89Xyws76V9owqz5 |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV3LT8IwGG8UTfSED4xve_A62XudN4JDiAMxYMKNdF87gtFhYJAY_3n7lU29ePDWdFuW9PV9bX8PQq65l3LL4b7hBbZjqAhtGonJQgNvfMASYIu1un4c9HpsNAr7BVldc2GklBp8Jm-wqO_yxQyWeFRWt5DvohL8TbKF1lkFXatceFFK3S4gXJYZ1puP3f6g0fRRsUttBG08PDFRDfGXjYqOIq3qP_-_R2o_fDza_440-2RDZgekWhoy0GJ-HpLPwVNs3Ee9TnRLVRG_yTXUKqOIb59Q9Uyupb4pmqAhFZ2qrJU2stkbf_2gd7J8n0_4VGWOtJO9lDWZoJFazFZSUG3jvOA4eGkjz5GnXyPPrWjYbBuFu4IxtQKWq1VOMBdAZWzgMQhSlgofAzgDH1ycqL5UeyGVrbiJawruuI7JEyvxQrBBcgnOEalks0weE4pgcuEFaWAnjgsJD1UEtHwzdIAlNnf9E1LDxhy_rwU0xmU7nv5Rf0V22sNuPI47vYczsot9pxGy7JxU8vlSXpBtWOXTxfxSD4Avl-2wQg |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=Proceedings+%3A+annual+International+Computer+Software+and+Applications+Conference&rft.atitle=SQL-GENIE%3A+SQL+Protection+using+GENerative+Modeling+for+Anomaly+Detection+against+Injection+and+Evolved+Adversarial+Attacks&rft.au=Afrin%2C+Sadia&rft.au=Elsayed%2C+Marwa+A.&rft.au=Zincir-Heywood%2C+Nur&rft.date=2025-07-08&rft.pub=IEEE&rft.eissn=2836-3795&rft.spage=459&rft.epage=464&rft_id=info:doi/10.1109%2FCOMPSAC65507.2025.00066&rft.externalDocID=11126716 |