
Abstract

Securing sensitive data is of utmost importance for organizations and individuals to maintain data confidentiality, integrity, and timely availability. Additionally, the data of organizations and individuals may face increased risks due to attackers gaining unauthorized access, enabling them to misuse the data for illicit purposes. The consequences of such attacks can be severe, leading to significant financial losses and a breakdown of trust between individuals and organizations. Structured Query Language injection (SQL-i) stands out as one of the most prevalent methods employed to illicitly access data, exploiting a vulnerability in the query statement. This vulnerability grants an attacker swift and effortless access to the data. It consequently allows an unauthorized user to tamper with or erase data, or even hinder legitimate access to it. To counteract these attacks, this research aims to build a model using Machine-Learning (ML) techniques that classifies the type of payloads sent by users. This model aims to reduce the time required for payload classification and to scrutinize the false predictions when classifying SQL requests, along with their ramifications on principles of information security (Confidentiality, Integrity and Availability-CIA). The devised model incorporates a dataset containing harmful and benign payloads to train it, employing Logistic Regression (LR) and Singular Value Decomposition (SVD) techniques. The model demonstrated an impressive accuracy of 98.20%, precision of 98.02%, recall of 99.65% and an F1 score of 98.20%. Furthermore, the time taken to classify a payload was a mere 0.0029 seconds. The constructed model excels in accurately categorizing payloads and significantly reducing processing time, owing to the utilization of the LR model in tandem with SVD, which aids in selecting the most pertinent features for training the model.
