Detecting SQL injection attacks by binary gray wolf optimizer and machine learning algorithms

dc.authoridArasteh, Bahman/0000-0001-5202-6315
dc.authoridKiani, Farzad/0000-0002-0354-9344
dc.authoridFarzad, Behnood/0000-0003-3110-1050
dc.authorwosidArasteh, Bahman/AAN-9555-2021
dc.authorwosidTorkamanian-Afshar, Mahsa/AAD-9989-2022
dc.authorwosidKiani, Farzad/O-3363-2013
dc.contributor.authorArasteh, Bahman
dc.contributor.authorAghaei, Babak
dc.contributor.authorFarzad, Behnoud
dc.contributor.authorArasteh, Keyvan
dc.contributor.authorKiani, Farzad
dc.contributor.authorTorkamanian-Afshar, Mahsa
dc.date.accessioned2024-05-19T14:46:45Z
dc.date.available2024-05-19T14:46:45Z
dc.date.issued2024
dc.departmentİstinye Üniversitesien_US
dc.description.abstractSQL injection is one of the important security issues in web applications because it allows an attacker to interact with the application's database. SQL injection attacks can be detected using machine learning algorithms. The effective features should be employed in the training stage to develop an optimal classifier with optimal accuracy. Identifying the most effective features is an NP-complete combinatorial optimization problem. Feature selection is the process of selecting the training dataset's smallest and most effective features. The main objective of this study is to enhance the accuracy, precision, and sensitivity of the SQLi detection method. In this study, an effective method to detect SQL injection attacks has been proposed. In the first stage, a specific training dataset consisting of 13 features was prepared. In the second stage, two different binary versions of the Gray-Wolf algorithm were developed to select the most effective features of the dataset. The created optimal datasets were used by different machine learning algorithms. Creating a new SQLi training dataset with 13 numeric features, developing two different binary versions of the gray wolf optimizer to optimally select the features of the dataset, and creating an effective and efficient classifier to detect SQLi attacks are the main contributions of this study. The results of the conducted tests indicate that the proposed SQL injection detector obtain 99.68% accuracy, 99.40% precision, and 98.72% sensitivity. The proposed method increases the efficiency of attack detection methods by selecting 20% of the most effective features.en_US
dc.description.sponsorshipIstinye Universityen_US
dc.description.sponsorshipNo Statement Availableen_US
dc.identifier.doi10.1007/s00521-024-09429-z
dc.identifier.issn0941-0643
dc.identifier.issn1433-3058
dc.identifier.scopus2-s2.0-85186209319en_US
dc.identifier.scopusqualityQ1en_US
dc.identifier.urihttps://doi.org10.1007/s00521-024-09429-z
dc.identifier.urihttps://hdl.handle.net/20.500.12713/5585
dc.identifier.wosWOS:001171299200007en_US
dc.identifier.wosqualityN/Aen_US
dc.indekslendigikaynakWeb of Scienceen_US
dc.indekslendigikaynakScopusen_US
dc.language.isoenen_US
dc.publisherSpringer London Ltden_US
dc.relation.ispartofNeural Computing & Applicationsen_US
dc.relation.publicationcategoryMakale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanıen_US
dc.rightsinfo:eu-repo/semantics/openAccessen_US
dc.snmz20240519_kaen_US
dc.subjectSoftware Securityen_US
dc.subjectSql Injection Attacksen_US
dc.subjectArtificial Neural Networken_US
dc.subjectFeature Selectionen_US
dc.subjectBinary Gray Wolf Optimization Algorithmen_US
dc.subjectAccuracyen_US
dc.titleDetecting SQL injection attacks by binary gray wolf optimizer and machine learning algorithmsen_US
dc.typeArticleen_US

Dosyalar