Deep Learning in Cybersecurity: A Hybrid BERT–LSTM Network for SQL Injection Attack Detection

IF 1.3 4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

IET Information Security Pub Date : 2024-04-05 DOI:10.1049/2024/5565950

Yixian Liu, Yupeng Dai

{"title":"Deep Learning in Cybersecurity: A Hybrid BERT–LSTM Network for SQL Injection Attack Detection","authors":"Yixian Liu, Yupeng Dai","doi":"10.1049/2024/5565950","DOIUrl":null,"url":null,"abstract":"<div>\n <p>In the past decade, cybersecurity has become increasingly significant, driven largely by the increase in cybersecurity threats. Among these threats, SQL injection attacks stand out as a particularly common method of cyber attack. Traditional methods for detecting these attacks mainly rely on manually defined features, making these detection outcomes highly dependent on the precision of feature extraction. Unfortunately, these approaches struggle to adapt to the increasingly sophisticated nature of these attack techniques, thereby necessitating the development of more robust detection strategies. This paper presents a novel deep learning framework that integrates Bidirectional Encoder Representations from Transformers (BERT) and Long Short-Term Memory (LSTM) networks, enhancing the detection of SQL injection attacks. Leveraging the advanced contextual encoding capabilities of BERT and the sequential data processing ability of LSTM networks, the proposed model dynamically extracts word and sentence-level features, subsequently generating embedding vectors that effectively identify malicious SQL query patterns. Experimental results indicate that our method achieves accuracy, precision, recall, and F1 scores of 0.973, 0.963, 0.962, and 0.958, respectively, while ensuring high computational efficiency.</p>\n </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3000,"publicationDate":"2024-04-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/5565950","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Information Security","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/2024/5565950","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

In the past decade, cybersecurity has become increasingly significant, driven largely by the increase in cybersecurity threats. Among these threats, SQL injection attacks stand out as a particularly common method of cyber attack. Traditional methods for detecting these attacks mainly rely on manually defined features, making these detection outcomes highly dependent on the precision of feature extraction. Unfortunately, these approaches struggle to adapt to the increasingly sophisticated nature of these attack techniques, thereby necessitating the development of more robust detection strategies. This paper presents a novel deep learning framework that integrates Bidirectional Encoder Representations from Transformers (BERT) and Long Short-Term Memory (LSTM) networks, enhancing the detection of SQL injection attacks. Leveraging the advanced contextual encoding capabilities of BERT and the sequential data processing ability of LSTM networks, the proposed model dynamically extracts word and sentence-level features, subsequently generating embedding vectors that effectively identify malicious SQL query patterns. Experimental results indicate that our method achieves accuracy, precision, recall, and F1 scores of 0.973, 0.963, 0.962, and 0.958, respectively, while ensuring high computational efficiency.

Abstract Image

查看原文本刊更多论文

网络安全中的深度学习：用于 SQL 注入攻击检测的混合 BERT-LSTM 网络

在过去十年中，网络安全变得越来越重要，这主要是由于网络安全威胁的增加。在这些威胁中，SQL 注入攻击是一种特别常见的网络攻击方法。检测这些攻击的传统方法主要依赖于人工定义的特征，因此这些检测结果高度依赖于特征提取的精度。遗憾的是，这些方法难以适应这些攻击技术日益复杂的性质，因此需要开发更强大的检测策略。本文提出了一种新颖的深度学习框架，该框架集成了来自变换器的双向编码器表征（BERT）和长短期记忆（LSTM）网络，从而提高了对 SQL 注入攻击的检测能力。利用 BERT 先进的上下文编码能力和 LSTM 网络的顺序数据处理能力，所提出的模型可动态提取单词和句子级特征，随后生成嵌入向量，从而有效识别恶意 SQL 查询模式。实验结果表明，我们的方法在保证高计算效率的同时，准确度、精确度、召回率和 F1 分数分别达到了 0.973、0.963、0.962 和 0.958。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IET Information Security 工程技术-计算机：理论方法

CiteScore

3.80

自引率

7.10%

发文量

审稿时长

8.6 months

期刊介绍： IET Information Security publishes original research papers in the following areas of information security and cryptography. Submitting authors should specify clearly in their covering statement the area into which their paper falls. Scope: Access Control and Database Security Ad-Hoc Network Aspects Anonymity and E-Voting Authentication Block Ciphers and Hash Functions Blockchain, Bitcoin (Technical aspects only) Broadcast Encryption and Traitor Tracing Combinatorial Aspects Covert Channels and Information Flow Critical Infrastructures Cryptanalysis Dependability Digital Rights Management Digital Signature Schemes Digital Steganography Economic Aspects of Information Security Elliptic Curve Cryptography and Number Theory Embedded Systems Aspects Embedded Systems Security and Forensics Financial Cryptography Firewall Security Formal Methods and Security Verification Human Aspects Information Warfare and Survivability Intrusion Detection Java and XML Security Key Distribution Key Management Malware Multi-Party Computation and Threshold Cryptography Peer-to-peer Security PKIs Public-Key and Hybrid Encryption Quantum Cryptography Risks of using Computers Robust Networks Secret Sharing Secure Electronic Commerce Software Obfuscation Stream Ciphers Trust Models Watermarking and Fingerprinting Special Issues. Current Call for Papers: Security on Mobile and IoT devices - https://digital-library.theiet.org/files/IET_IFS_SMID_CFP.pdf