Detection of SQL injection attack based on improved TFIDF algorithm

Abstract

With the arrival of the Internet age, SQL injection is widely distributed as a web application attack method. It’s with low operating threshold and not easy to be discovered, so it seriously threatens network security, causing a large number of websites to have security risks. When the number of sensitive words and non-sensitive words in the SQL sentence data set is close, the SQL injection attack detection method based on the TFIDF algorithm has the problem of high false alarm rate. This paper proposes a detection method based on the improved TFIDF algorithm. It analyzes and compares a large number of attack statements and normal SQL statements, summarizes the characteristics of SQL statements and vectorizes the text, and adds quantification related to keywords in the formula. parameter. The purpose of this article is to use the improved TFIDF algorithm in the data preprocessing stage, use three different classifiers in the classification stage, combine SVM, KNN and DT three different machine learning algorithms, and finally compare experiments. The results prove that the improved TFIDF algorithm combined with SVM has a higher accuracy rate and a lower false alarm rate.