Comparative Analysis of Various Algorithms for Detecting Sql Injection in Web Applications رسالة ماجستير

Abstract

Injection attacks, especially SQL injection, remain one of the biggest threats to online application security, compromising user privacy, system integrity, and data confidentiality(Farooq, 2021). This paper compares machine learning (ML), deep learning (DL), and hybrid models for detecting such attacks. In addition to traditional models such as logistic regression, naive Bayes, decision trees, and random forests, a variety of algorithms were evaluated, including more complex approaches such as forward neural networks (FFNNs), convolutional neural networks (CNNs), and hybrid combinations such as FFNN+Naive Bayes or FFNN+SVM (Liu et al., 2021). Two different datasets were used to evaluate the models using three popular text-to vectorization techniques: Count Vectorizer, Word2Vec, and TF-IDF. Evaluation metrics such as execution time, accuracy, precision, recall, and F1 score were used to provide a comprehensive assessment (Yacouby & Axman, 2020). The comes about appears that FFNNs embedded with Word2Vec are the deep learning models with the highest accuracy (up to 98.9%) and moderately quick execution times. Hybrid models such as FFNN + Naive Bayes and NN + SVM also illustrated prevalent execution (98.1%) when utilizing Count Vectorizer, combining the qualities of both deep learning and traditional machine learning. In contrast, traditional models such as Naive Bayes and Decision Trees struggled to represent more complex or dense vectors, especially with TF-IDF and Word2Vec. XGBoost emerged as the best performer among traditional models using TF-IDF, achieving 98.4% accuracy but with a longer execution time. Despite its accuracy, SVMs suffer from scalability issues due to their high computational cost on high-dimensional data. This study demonstrates that while traditional models may perform well for applications requiring fast completion, deep learning and hybrid techniques outperform when accuracy is a major concern. The results encourage further research on real-time deployment frameworks for SQL injection detection, which also supports the wider use of hybrid models that combine comprehensive feature extraction and efficient classification