Sql injection detection algorithm based on Bi-LSTM and integrated feature selection

Sql injection detection algorithm based on Bi-LSTM and integrated feature selection

연구 분야: Databases

학회: The Journal of Supercomputing

SQL injection attacks represent a significant web security threat. However, due to their diversity and variability, existing detection methods often suffer from high false alarm rates and low accuracy. To address these challenges, this paper proposes an efficient and lightweight SQL injection detection model, SQLLS, based on a bidirectional long short-term memory network. Initially, the term frequency-inverse document frequency algorithm is employed to convert SQL statements into numerical feature vectors, enabling the extraction of key information and enhancing the model’s ability to characterize the input data. Subsequently, an integrated feature selection method, GFC, is presented, which combines multiple techniques to improve both the accuracy and robustness of feature selection. Specifically, gradient boosting regression trees are used to evaluate the importance of each feature, identifying those most significant for classification; Fisher score filters out features that can effectively distinguish between SQL injections and non-injections based on statistical significance; and the chi-square test further evaluates the relevance of the features with respect to the target label, ensuring that the selected features are highly correlated with SQL injection detection. After feature selection, a mixed precision training technique is utilized to reduce memory consumption and enhance training efficiency. To reduce the complexity of the bidirectional long short-term memory model and improve its computational efficiency, this paper introduces a pruning technique that minimizes computational overhead by removing unimportant weight connections, thereby improving the model’s operational efficiency. Experimental results demonstrate that the SQLLS model achieves an accuracy of 100%, a low false alarm rate of 0.154%, and significantly shorter running times compared to existing models.