Document Type : Research Paper

Authors

• Manar Hasan Ali AL-Maliki ¹
• Mahdi Nsaif Jasim ²

¹ Computer Science Department, Informatics Institute for Postgraduate Studies, Iraq

² University of Information Technology and Communications, Iraq

Abstract

Due to the vast number of electronic attacks that occur on a daily basis, protecting users' data is extremely important in this age of technology. Nowadays, cyber security is regarded as a top priority. Thus, the preservation of user privacy and data security is essential. The SQL vulnerability isn't a new form of website attack; it's been around for a long time. However, it is a new attack nowadays. ML algorithms were used to solve the problem of detecting SQL Injection attacks on websites. By training seven ML algorithms on a batch of data comprising SQL injection queries, including (Naive Bayes, Neural-Network, SVM, Random-Forest, KNN, and Logistic Regression) and choosing the best model that gives the highest accuracy. In comparison to previous studies, high-precision data were obtained, with the Naive-Bayes algorithm achieving 0.99 accuracies, 0.98 precision, 1.00 recall, and a 0.99 f1-score. In this paper, experiences, work schedules, and outcomes are examined. Compared to other methods, this naive Bayes approach has proven to be quite accurate in identifying SQL injection threats.

Keywords

• Security
• Attacks
• SQL injection
• Machine learning
• Deep learning