SQL Injection Attack Detection Based on Similarity Matching Between Vectors Extracted From Design Time and Run-Time Queries

Abstract

Everyone uses web-based applications to carry out daily business and personal tasks. These programmes are vulnerable to attack by hackers, who may also misuse the data. The most serious attack with the greatest damaging potential on digital platforms is the structured query language injection attack (SQLiA). The backend databases could be corrupted or destroyed by SQLiA if it manages to breach security protections. Using SQLiA tactics, hackers can get unauthorized access, steal important data, and take over the network completely or partially. An automatic SQL injection prevention and detection technique is needed to safeguard web-based applications from SQLiA. This research suggests a novel similarity-matching algorithm of vectors extracted from design time and run-time queries. This technique allocates the weights of different SQL keywords used in design time and run-time queries and further design time and run-time vectors have been created from respective queries. The similarity between the design time and run time vector is determined by calculating the angle between these two vectors. The angle of deviation between the design time vector and run time vector is calculated and if the angle of deviation is zero, then it is concluded as no SQL injection otherwise, it indicates the existence of SQLiA vulnerability. The proposed algorithm is validated against the GitHub dataset. In the first dataset, out of 1300 injected queries, the proposed method identifies 1219 injected queries; out of 300 normal queries, it identifies 290 normal queries with 93.76% and 96.66% detection accuracy, respectively. Similarly, for the second dataset, out of 10489 injected queries, it identifies 10280 injected queries and out of 301 normal queries, it identifies 280 normal queries with 98.01% and 93.02% detection accuracy, respectively.