SQL Injection Vulnerability Detection Based on Pissa-Tuned Llama 3 Large Language Model

SQL Injection Vulnerability Detection Based on Pissa-Tuned Llama 3 Large Language Model

연구 분야: Databases

학회: 2024 6th International Conference on Frontier Technologies of Information and Computer (ICFTIC)

SQL injection vulnerability is a common cyber security vulnerability. The existing SQL injection attack detection methods have problems such as high false positive rate and insufficient migration. In view of the powerful natural language processing ability of large language models, this paper proposes a SQL injection vulnerability detection method based on PiSSA fine-tuning of Llama3 large language models. The experimental results show that the proposed method achieves 99.81% accuracy and 0.19% false positive rate on the common benchmark data set, which verifies the good performance of the large language model in the field of SQL injection attack detection.