Comparison study for NLP using machine learning techniques to detecting SQL injection vulnerabilities

Document Type : Research Paper


1 Computer Science Department, Informatics Institute for Postgraduate Studies, Iraq

2 University of Information Technology and Communications, Iraq



Due to the vast number of electronic attacks that occur on a daily basis, protecting users' data is extremely important in this age of technology. Nowadays, cyber security is regarded as a top priority. Thus, the preservation of user privacy and data security is essential. The SQL vulnerability isn't a new form of website attack; it's been around for a long time. However, it is a new attack nowadays. ML algorithms were used to solve the problem of detecting SQL Injection attacks on websites. By training seven ML algorithms on a batch of data comprising SQL injection queries, including (Naive Bayes, Neural-Network, SVM, Random-Forest, KNN, and Logistic Regression) and choosing the best model that gives the highest accuracy. In comparison to previous studies, high-precision data were obtained, with the Naive-Bayes algorithm achieving 0.99 accuracies, 0.98 precision, 1.00 recall, and a 0.99 f1-score. In this paper, experiences, work schedules, and outcomes are examined. Compared to other methods, this naive Bayes approach has proven to be quite accurate in identifying SQL injection threats.


Articles in Press, Corrected Proof
Available Online from 25 February 2023
  • Receive Date: 13 June 2022
  • Revise Date: 20 July 2022
  • Accept Date: 30 August 2022
  • First Publish Date: 25 February 2023