Network Intrusion Detection System for SQL Injection
1Prof. C. U. Chauhan, Assistant Professor, Department of Computer Science & Engineering,
Government College Of Engineering, Chandrapur, India.
2Kunal Wadhai, 3Rohan Raut, 4Shriram Raut, 5Aditya Nikode, 6Vaibhav Pachbhai,
Department of Computer Science & Engineering,
Government College Of Engineering, Chandrapur, India.
---------------------------------------------------------------------***---------------------------------------------------------------------
Abstract - SQL injection (SQL) attacks pose a serious threat to web applications by allowing attackers to manipulate database queries and gain unauthorized access to sensitive data. Traditional security mechanisms, such as signature-based detection and rule-based firewalls, often fail to detect evolving SQL patterns. This paper presents a real-time Network Intrusion Detection System (NIDS) that leverages machine learning techniques to accurately identify and mitigate SQL injection attempts. The proposed system continuously monitors user input, extracts relevant SQL query features, and classifies them as either legitimate or malicious using a trained machine learning model.
The methodology involves the preprocessing of SQL queries, feature engineering for enhanced classification accuracy, and training a machine learning model using a dataset containing both normal and SQL injection queries. The performance of the system is evaluated based on multiple metrics, including accuracy, false positive rate, and real-time processing efficiency. Experimental results demonstrate that the proposed NIDS achieves high detection accuracy while significantly reducing false positives compared to conventional methods. The system is designed to operate efficiently in real-time environments, making it a valuable addition to existing cybersecurity frameworks for protecting web applications against SQL injection attacks.
Key Words: Network Intrusion Detection, SQL Injection, Machine Learning, Cybersecurity, Web Security.
