Abstract:
"
Day by day the usage of enterprise web applications have been increased. Therefore, almost
all of hackers try to acquire the details of the users, the payment methods, numbers, the
other methods which they are connected with the people and inter-connected with day-to day activities and etc…There is a high possibility and a risk to expose user data and the
privacy. This is known as the Web Application Vulnerability. In this web application
vulnerability, SQL injection is a one of the major problem. Most of the web application
developers are using traditional validation methods in web application input fields such as
regex, firewalls, input sanitizations. These types of methods are no longer effective or
appropriate. Because SQL injection techniques are changed from time to time and that is
the risk of bypassing variants.
This proposed solution identify the SQL injection from the web application input forms
and proposed a SQL injection validation model based on the Convolutional Neural
Networks. To deal with the web application vulnerability, advantage of high dimensional
features of SQL injection behavior can be taken. The proposed approach is tested using
real web application input form, which is the representative input form validation using
regex, input sanitization, and firewall method. The proposed model research findings
indicate that the CNN based model has a higher percentage of accuracy, recall, precision,
and F1 score, so, it is more accurate to validating attack than traditional methods.
This research proves that the vulnerabilities that happened in a web application can be
prevented. Advanced technologies have been used and those will help the developer to
avoid the SQL injections in a proper and secured way. There is less possibility of hacking
using the SQL injection due to this CNN model. So, the hackers cannot reach systems and
the data using SQL injection."
