Multi-input MLP and LSTM-Based Neural Network Model for SQL Injection Detection

One of the most dangerous attacks on web applications is the SQL injection attack. These attacks are mainly transmitted by clients on web applications that create SQL queries using low-level strings. An SQL injection can make our database susceptible to unknown users. Though a lot of SQL Injection detection techniques and methodologies have been used to prevent web applications from such injection attacks, the evolution in different types of injections by the attackers made it impossible to detect all types of injections. The use of new technologies and methodologies by the attackers or the intruders in different types of injections made the SQL attacks stronger and undetectable easily. Hence, a lot of machine learning detection techniques and methodologies and their combinations are used by the injection or attack detectors to detect such undetectable attacks and try to secure web applications from such SQL injection attacks completely. From the literature review, we concluded that the LSTM and MLP classifiers have the best performance among all the machine learning classifiers. In this study, an LSTM and MLP ensemble multi-input neural network model is proposed. The results show that the proposed model is the best model for detecting SQL injection attacks.