Detection of SQL Injection Attack Using Machine Learning Based On Natural Language Processing

Abstract

There has been a significant increase in the number of cyberattacks. This is not only happening in Indonesia, but also in many countries.  Thus, the issue of cyber attacks should receive attention and be interesting to study.  Regarding the explored security vulnerabilities, the Open Web Application Security Project has published the Top-10 website vulnerabilities. SQL Injection is still become one of the website vulnerabiliteis which is often exploited by attacker. This research has implemented and tested five algorithms. They are Naïve Bayes, Logistic Regression, Gradient Boosting, K-Nearest Neighbor, and Support Vector Machine. In addition, this study also uses natural language processing to increase the level of detection accuracy, as a part of text processing. Therefore, the main dataset was converted to corpus to make it easier to be analyzed. This process was carried out on feature enginering stage. This study used two datasets of SQL Injection. The first dataset was used to train the classifier, and the second dataset was used to test the performance of classifier. Based on the tests that have been carried out, the Support Vector Machine get the highest level of accuracy detection. The accuracy of detection is 0.9977 with 0,00100 micro seconds per query time of process. In performance testing, Support Vector Machine classifier can detect 99,37% of second dataset. Not only Support Vector Machine, the study have also revealed the detection accuracy level of further tested algorithms: K-Nearest Neighbor (0,9970), Logistic Refression (0,9960), Gradient Boosting (0,99477), and Naïve Bayes (0,9754).