SQL-GENIE: SQL Protection using GENerative Modeling for Anomaly Detection against Injection and Evolved Adversarial Attacks

In an age where data drives innovation and online interactions are integral to daily life, ensuring the security of web applications and databases has never been more critical. The growing surge and sophistication of large-scale SQL injection (SQLi) attacks highlight the urgent need for advanced det...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Proceedings : annual International Computer Software and Applications Conference s. 459 - 464
Hlavní autoři: Afrin, Sadia, Elsayed, Marwa A., Zincir-Heywood, Nur
Médium: Konferenční příspěvek
Jazyk:angličtina
Vydáno: IEEE 08.07.2025
Témata:
Adversarial Attack
Anomaly detection
Computational modeling
Contamination
Cybersecurity
Data models
Generative adversarial networks
Generative Modeling
Software
SQL injection
Surge protection
Surges
Technological innovation
ISSN:2836-3795
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:In an age where data drives innovation and online interactions are integral to daily life, ensuring the security of web applications and databases has never been more critical. The growing surge and sophistication of large-scale SQL injection (SQLi) attacks highlight the urgent need for advanced detection mechanisms to protect sensitive information, especially in cloud-based environments. This paper presents SQL-GENIE, a novel approach that leverages generative modeling to strengthen modern application security, improve anomaly detection, and address emerging challenges in data protection. SQL-GENIE leverages two feature embedding techniques across two different datasets and contrasts their performance against Generative Adversarial Networks (GAN)- under various contamination rates to analyze and detect SQLi attacks, including typical and sophisticated adversarial forms. Our proposed GAN model performs the best with FastText when applied to our benchmark dataset of typical SQLI, achieving F1-score of 92.7% on attack data with a 10% contamination rate. Additionally, it demonstrates an F1-score of 98.6% on the adversarial dataset, highlighting its robustness against evolved SQLi threats.
ISSN:2836-3795
DOI:10.1109/COMPSAC65507.2025.00066