Enhancing SQL Query Security using Graph-based Hierarchical Embeddings with SMOTE and Advanced Neural Networks for Robust Detection

SQL Injection Attacks (SQLIA) are still a significant security vulnerability, targeting issues in database query validation for intruder access. The research proposes a graph-based hierarchical embedding framework for SQLIA detection using Abstract Syntax Trees (ASTs) and spectral graph theory to id...

Full description

Saved in:
Bibliographic Details
Published in:2025 12th International Conference on Computing for Sustainable Global Development (INDIACom) pp. 1 - 7
Main Authors: K, Mangaiyarkarasi, P. S., Uma Priyadarsini
Format: Conference Proceeding
Language:English
Published: Bharati Vidyapeeth, New Delhi 02.04.2025
Subjects:
Accuracy
Anomaly detection
Forestry
Graph Embeddings
Neural Networks
Noise measurement
Outlier Detection
Real-time systems
Security
Semantics
SMOTE
SQL injection
SQL Injection Attack
Syntactics
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:SQL Injection Attacks (SQLIA) are still a significant security vulnerability, targeting issues in database query validation for intruder access. The research proposes a graph-based hierarchical embedding framework for SQLIA detection using Abstract Syntax Trees (ASTs) and spectral graph theory to identify structural and semantic features of SQL queries. SMOTE is employed for class imbalance, and Isolation Forest is applied for outliers to give robust feature representation. An attention-based customized neural network integrating Graph Neural Networks (GNNs) with attention significantly improves classification. Experimental results on a proposed dataset of 3323 SQL queries exhibit the effectiveness of the proposed algorithm with 96% accuracy, precision (96.97%), recall (95.50%), and F1score (96%), which significantly outperforms traditional approaches. The results indicate using graph-based embeddings, data balancing, and outlier detection improves SQLIA detection with fewer false positives and negatives while remaining scalable and efficient. Establishes a benchmark for secure, adaptive, and real-time SQL query analysis and contributes to more secure database security solutions.
DOI:10.23919/INDIACom66777.2025.11115253