TITLE:
Designing a Detection Model for SQL Injection Attack
AUTHORS:
Daniel Schilling Weiss Nguyen, Dawood F. Alrubie
KEYWORDS:
SQL Injection Detection (SQLi), Authorized Push Payment (APP) Fraud: Feature Engineering, Transaction Data, User Behavior Patterns, Convolutional Neural, Networks (CNNs), Recurrent Neural Networks (RNNs)
JOURNAL NAME:
Journal of Computer and Communications,
Vol.13 No.8,
August
7,
2025
ABSTRACT: SQL injection attacks pose a critical threat to web application security, exploiting vulnerabilities to gain access, or modify sensitive data. Traditional rule-based and machine learning approaches have limitations when applied to real-time web application environments, making detection of injection attacks difficult. Therefore, this study seeks to design and evaluate a Deep Learning-Based SQL Injection Detection System Specifically Convolutional Neural Networks (CNNs) and Recurrent Neural Networks (RNNs). These models can be utilized to detect SQL injection attacks in real-time web applications. The empirical results show that the proposed model is very accurate, with a mean accuracy of 94.5%, a low standard deviation, and a precision of 96%, meaning that the system correctly identified all the SQL injections as malicious without any false positives. Furthermore, the distributions of the amounts, frequencies, time, and duration of the transactions, all of which are derived from behavioral analyses of the transaction data, were also useful in identifying the existence of unusual patterns of activities that could be associated with fraudulent transactions.