Research field: Databases
Conference: 2025 11th International Conference on Computing and Artificial Intelligence (ICCAI)
Web application firewalls (WAFs) are critical for detecting and blocking malicious activity, offering essential protection for web applications. However, to defend against the complexity of modern attacks, penetration testers must regularly evaluate WAFs to identify potential weaknesses. A key aspect of this process involves bypassing WAFs or attack detectors, and utilizing machine learning (ML) significantly enhances the effectiveness of such testing. Using ML not only increases the efficiency of identifying vulnerabilities but also reduces the need for manual intervention. In this paper, we propose a novel method named GSQLi that mutates payloads for SQL Injection (SQLi) attacks, one of the most common attacks on web applications, so that they evade WAFs or detectors. By leveraging a Generative Adversarial Network (GAN), SQLi payloads are generated by applying several mutations to the original ones, making it challenging for detectors to classify them as malicious. Additionally, the mutated payloads retain their ability to exploit vulnerabilities effectively. Experimental results demonstrate that payloads generated by our approach can bypass machine learning-based attack detectors and ModSecurity, a real-world WAF. This reveals potential vulnerabilities in current defense systems, enabling defenders to address weaknesses more swiftly and to strengthen protection against advanced attacks on web applications.
| Publication year | 2025 |
|---|---|
| Citations | 7 |
| Country of publication | Vietnam |
| Site | IEEE |
| Likes | 0 |