Title: SQL Injection Vulnerability Identification from Text
Authors: Dhruv Parashar, L. Sanagavarapu, Y. R. Reddy
DOI: 10.1145/3452383.3452405 (https://doi.org/10.1145/3452383.3452405)
Venue: 14th Innovations in Software Engineering Conference (formerly known as India Software Engineering Conference)
Publication date: 2021-02-25
Source: Semanticscholar
Citations: 5
Abstract
The increasing use of Information Technology (IT) applications in distributed environments is leading to an increase in security exploits. Vulnerability-related information is also available on the open web in an unstructured format that developers may leverage to fix security weaknesses in their IT applications. SQL Injection (SQLi) is one of the topmost vulnerabilities impacting the security of IT applications. We propose an approach to identify information about SQLi in text, using text summarization to process text of any length and a supervised machine learning model to automate the classification of SQLi. To validate the proposed approach, we created a dataset of 100,019 entries that includes 50,010 SQLi entries from the National Vulnerability Database, 25,010 near negatives related to other cyber security vulnerabilities, and 24,999 entries that are unrelated to cyber security. The selected Random Forest model was also tested on identifying SQLi in Web and Twitter text.