
Proceedings of the Institute for System Programming of the RAS (Proceedings of ISP RAS)


Detection of SQL Injection Attacks through the Network Logs Using Machine Learning Methods

https://doi.org/10.15514/ISPRAS-2025-37(5)-6

Abstract

The article examines machine learning methods for detecting SQL injection in network logs using the KNIME software. The methods find patterns among the input features and then predict the class in a binary classification problem. Unlike existing works, this article compares the effectiveness of five tree-based machine learning methods. The content and sequence of the work stages are presented. The best results were shown by the Random Forest method (accuracy 97.58%; area under the ROC curve 0.976).

About the Authors

Maria Anatolyevna LAPINA
Faculty of Mathematics and Computer Science named after Professor N.I. Chervyakov
Russian Federation

Cand. Sci. (Phys.-Math.), Associate Professor at the Department of Computational Mathematics and Cybernetics, Faculty of Mathematics and Computer Science named after Professor N.I. Chervyakov, North Caucasus Federal University. Research interests: digital technologies, data analysis, artificial intelligence, cybersecurity, information security management and cryptography.



Nikolay Romanovich KAPSHUK
Faculty of Mathematics and Computer Science named after Professor N.I. Chervyakov
Russian Federation

Student at the Department of Computational Mathematics and Cybernetics, Faculty of Mathematics and Computer Science named after Professor N.I. Chervyakov, North Caucasus Federal University. Research interests: information security, network security technologies, machine learning, neural networks, digital technologies.



Mikhail Andreevich RUSANOV
Institute of Information Technology, Moscow University of Finance and Law
Russian Federation

Postgraduate student at the Institute of Information Technology, Moscow University of Finance and Law. Research interests: information security, information security management, machine learning, neural networks, anomaly detection.



Elena Fedorovna TIMOFEEVA
Faculty of Mathematics and Computer Science named after Professor N.I. Chervyakov
Russian Federation

Associate Professor of the Department of Mathematical Analysis of Algebra and, Faculty of Mathematics and Computer Science named after Professor N.I. Chervyakov, North Caucasus Federal University. Research interests: mathematical modeling, numerical methods, problems of hydrodynamics.





For citations:


LAPINA M.A., KAPSHUK N.R., RUSANOV M.A., TIMOFEEVA E.F. Detection of SQL Injection Attacks through the Network Logs Using Machine Learning Methods. Proceedings of the Institute for System Programming of the RAS (Proceedings of ISP RAS). 2025;37(5):81-92. https://doi.org/10.15514/ISPRAS-2025-37(5)-6



This work is licensed under a Creative Commons Attribution 4.0 License.


ISSN 2079-8156 (Print)
ISSN 2220-6426 (Online)