SQL Injection Behavior Mining Based Deep Learning

  • Peng Tang
  • Weidong Qiu
  • Zheng Huang
  • Huijuan Lian
  • Guozhen Liu
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11323)


SQL injection is a common network attack. At present, filtering methods are mainly used to prevent SQL injection, yet risks of incomplete filtering still remains. By deep learning, we detect whether the user behaviors contain SQL injection attacks. The scheme proposed in this article extracts the characteristics of the HTTP traffic in the training sets and uses the deep neural network LSTM and the MLP training data sets, the final predictive capacity of the testing sets is over 99%. The deep neural network uses ReLU as the activation function of the hidden layer, continuously updates the weight parameters through gradient descent algorithm, and finally completes the training within 50 epoch iterations.


SQL injection Deep learning MLP LSTM 



This work was supported by the Development Program of China under Grants Complexity 2017YFB0802704 and program of Shanghai Technology Research Leader under grant 16XD1424400.


  1. 1.
    Huang, H.C., Zhang, Z.K., Cheng, H.W., et al.: web application security: threats, countermeasures, and pitfalls. Computer 50(6), 81–85 (2017)CrossRefGoogle Scholar
  2. 2.
    Masri, W., Sleiman, S.: SQLPIL: SQL injection prevention by input labeling. Secur. Commun. Netw. 8(15), 2545–2560 (2015)CrossRefGoogle Scholar
  3. 3.
    Bhardwaj, M., John, A.: An adaptive algorithm to prevent SQL Injection 4(3–1), 12–15 (2015)Google Scholar
  4. 4.
    Buja, G., Jalil, K.B.A., Ali, F.B.H.M., et al.: Detection model for SQL injection attack: an approach for preventing a web application from the SQL injection attack. In: IEEE Symposium on Computer Applications and Industrial Electronics, pp. 60–64. IEEE (2015)Google Scholar
  5. 5.
    Parvez, M., Zavarsky, P., Khoury, N.: Analysis of effectiveness of black-box web application scanners in detection of stored SQL injection and stored XSS vulnerabilities. In: Internet Technology and Secured Transactions, pp. 186–191. IEEE (2016)Google Scholar
  6. 6.
    Yuan, G., Li, B., Yao, Y., et al.: A deep learning enabled subspace spectral ensemble clustering approach for web anomaly detection. In: International Joint Conference on Neural Networks, pp. 3896–3903. IEEE (2017)Google Scholar
  7. 7.
    Kumar, M., Indu, L.: Detection and prevention of SQL injection attack. Int. J. Comput. Sci. Inf. Technol. 5, 374–377 (2014)Google Scholar
  8. 8.
    Shi, C.C., Zhang, T., Yu, Y., et al.: A new approach for SQL-injection detection. Comput. Sci. 127, 245–254 (2012)Google Scholar
  9. 9.
    Lecun, Y., Bengio, Y., Hinton, G.: Deep learning. Nature 521(7553), 436 (2015)CrossRefGoogle Scholar
  10. 10.
    Kaur, N., Kaur, P.: Modeling a SQL injection attack. In: International Conference on Computing for Sustainable Global Development. IEEE (2016)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Peng Tang
    • 1
  • Weidong Qiu
    • 1
  • Zheng Huang
    • 1
  • Huijuan Lian
    • 1
  • Guozhen Liu
    • 1
  1. 1.School of Cyber SecurityShanghai Jiao Tong UniversityShanghaiChina

Personalised recommendations