Design of SQL Injection Detection System Based on Genetic Algorithm

Design of SQL Injection Detection System Based on Genetic Algorithm

연구 분야: Databases

학회: 2025 10th International Conference on Computer and Communication System (ICCCS)

Injection vulnerabilities have been at the top of the top 10 of open Web application security projects for many years, and are one of the most damaging and widely exploited types of vulnerabilities against Web applications. Structured query language (SQL) injection attack detection is still a challenging problem due to the heterogeneity of attack loads, the diversity of attack methods and the diversity of attack modes. This paper focuses on researching how to accurately detect SQL injection attacks and determine the attacker's intent by analyzing SQL injection sequences. It proposes a method that uses deep packet inspection (DPI) technology to detect SQL injection attacks and employs a genetic algorithm to optimize the SQL injection sequence matching template library for more accurate detection of attack severity. The method in this paper achieved a 97% SQL attack detection rate on public datasets.