Browse Categories

Abstract

International Journal of Trends in Emerging Research and Development, 2024;2(6):257-261

Intrusion detection systems for SQL databases using machine learning

Author : Chadchankar Amarnath Shivanand, Dr. Balveer Singh, Dr. Yashpal Singh, Dr. Rohita Yamaganti and Dr. Swati Dey

Abstract

SQL Injection is still among the worst security flaws, exposing users' private data and causing financial losses. The most current OWASP Top 10 study ranks injection attacks as the top vulnerability, and the frequency of these attacks is on the rise. By definition, Intrusion Detection System (IDS) rules that rely on static signatures are a common component of traditional defensive systems. These rules are great for preventing known attacks but aren't effective against zero-day threats. Many recent studies have used machine learning methods, which may identify previously unseen threats but can be performance-heavy depending on the methodology. To add insult to injury, some intrusion detection systems scour database server logs for information, while others focus on gathering traffic entering the web app across the network or the web app host. A web application host, a MySQL database server, and a Datiphy appliance node placed between the two are the two sources of traffic that will be collected in this project. Through our examination of these two datasets as well as an additional dataset that is correlated with them, we have proven that the accuracy achieved with the correlated dataset using algorithms like decision trees and rule-based approaches is comparable to that of a neural network algorithm, but with substantially better performance.

Keywords

Industry, traditional, machine learning, performance, companies