Research on SQL Injection Detection Method Based on Mixed Word Embedding

Research on SQL Injection Detection Method Based on Mixed Word Embedding

연구 분야: Databases

학회: 2024 6th International Conference on Communications, Information System and Computer Engineering (CISCE)

With the rapid development of the internet, the challenges of network security are becoming increasingly severe. SQL injection attacks are one of the primary security threats faced by web applications today. Characterized by their diverse types, rapid evolution, covert attack methods, and significant damage, the number of SQL injection attacks is on the rise year by year. Currently, mainstream SQL injection detection methods are mostly based on traditional machine learning and deep learning algorithms, which have issues such as imperfect word vector training methods and insufficient classification accuracy. Therefore, this paper proposes an AWTextCNN model based on a hybrid word embedding method. This model employs the Albert-Word2vec hybrid word embedding method for word vector training and uses the TextCNN model for classification. Experimental results show that the AWTextCNN model achieves an accuracy, precision, recall, and F1 score of 99.73%, 99.75%, 99.66%, and 99.70% respectively on the test set, demonstrating excellent performance in the field of SQL injection detection.