Abstract

Detecting SQL injection attacks (SQLIAs) effectively is one of the critical issues to be solved in Web secure fields. Aiming at the problem that the distribution of feature words in the same kind of statements is not considered when using TFIDF algorithm to vectorize the text of SQL statements, a method of detecting SQLIAs based on improved Term Frequency-Inverse Document Frequency (TFIDF) algorithm is proposed. Firstly, TFIDF algorithm is improved based on the distribution of feature words in the same kind of statements. Then, the improved TFIDF (ITFIDF) algorithm is used to vectorize the dataset of SQL statements to increase the feature weight of the SQL statement. Finally, the detection of SQLIAs is carried out based on Support Vector Machine (SVM). The experimental results show that the combination of SVM and ITFIDF has higher accuracy, recall rate and F-score compared with other similar methods. At the same time, the experimental results also show that SVM has better classification performance when dealing with this problem than other machine learning models such as DNN and Decision Tree.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.