• INTRODUCTION
• OBJECTIVES
• PROBLEM IDENTIFICATION
• LITERATURE SURVEY
• PROPOSED SOLUTION
• SYSTEM ARCHITECTURE
• METHODOLOGY
• REFERENCES
• In the digital era, where APIs facilitate seamless data exchange, security vulnerabilities in these interfaces, particularly injection attacks like SQL injection or script injection, have emerged as critical concerns.
• Injection refers to a broad class of attack vectors that allow an attacker to add part of a command or a query that changes the way the program executes.
• The consequences of undetected injection attacks are severe, ranging from unauthorized data access to service disruptions.
• Left unchecked, these incidents can result in reputational damage and financial losses for organizations.
• Traditional static rule-based security approaches often struggle to keep pace with the dynamic and evolving nature of injection attacks. There's a need for advanced methods capable of learning and adapting to new threat patterns.
• Leveraging machine learning, particularly Recurrent Neural Networks (RNNs), holds promise in addressing the shortcomings of static approaches.
• RNNs can analyze the sequential patterns in API requests, providing a dynamic and adaptive security solution.
• To facilitate swift response and minimize the impact of security incidents, the project integrates with logging and alerting systems. This ensures that security teams are promptly notified, enabling effective mitigation and response strategies.
• Generate a large dataset of API requests, split equally between malicious (50%) and non-malicious (50%) instances, ensuring a balanced representation for model training.
• Exclude irrelevant fields (e.g., timestamp, headers) from the dataset and perform text preprocessing, converting API request entries into vector representations suitable for neural network input.
• Employ RNNs with an embedding layer to analyze sequential patterns in API requests, specifically focusing on their temporal dependencies.
• Enhance memory efficiency by using word embeddings, a vector representation, for textual data in API requests, enabling the model to generalize effectively.
• Split the dataset into 75% training and 25% testing data to facilitate robust model training and evaluation.
• Security Vulnerabilities in API Requests:
  • Systems are more vulnerable to security risks due to the increase in the use of APIs, especially injection attacks. Unsecured API requests risk unauthorized access, data breaches, and application integrity compromise.
• Dynamic and Evolving Attacks:
  • Traditional static security struggles with evolving injection tactics. Rule-based approaches may miss sophisticated patterns, leaving systems susceptible to emerging threats.
• Potential Impact on Data Integrity:
  • Injection attacks (e.g., SQL, script) pose severe risks to sensitive data integrity. Undetected attacks can result in manipulation, unauthorized access, and significant consequences.
• Inadequacy of Rule-Based Models:
  • Existing security models relying on static rules may not effectively adapt to minute injection attack patterns, creating gaps in comprehensive threat detection.
• Limited Proactive Measures:
  • Current security lacks proactive features, making it difficult to stay ahead of evolving injection tactics. A solution is needed for identifying and addressing threats before escalation.
• Insufficient Integration with Logging and Alerting:
  • Incomplete integration with logging and alerting systems hampers swift responses to detected threats. A comprehensive solution should provide actionable insights and facilitate rapid response to potential breaches.
| SL NO | TITLE | AUTHOR | PUBLICATION | YEAR | DESCRIPTION |
|---|---|---|---|---|---|
| 1 | Integrated approach to prevent SQL Injection attack and reflected Cross site scripting attack | P. Sharma, R. Johari and S. Sarma | International Journal of System Assurance Engineering and Management, Vol. 3, no. 4 | 2012 | Proposed a query model generator using the hybrid approach, i.e. a modification to the existing model of MHAPSIA. |
| 2 | Detection of SQL Injection Attacks: A Machine Learning Approach | M. Hasan, Z. Balbahaith and M. Tarique | International Conference on Electrical and Computing Technologies and Applications (ICECTA), Ras Al Khaimah, United Arab Emirates | 2019 | Proposed a machine learning-based heuristic algorithm to detect SQL injection attacks. Using machine learning, they were able to predict most of the attacks, achieving a high accuracy of 93.8%. They considered a dataset that consists of SQL queries. |
| 3 | Detection of SQL Injection Behaviors Using Word Vector and LSTM | Fang, Yong & Peng, Jiayi & Liu, Liang & Huang, Cheng | Proceedings of the 2nd International Conference on Cryptography, Security and Privacy | 2018 | Proposed using word vector representations of SQL queries and feeding these into LSTMs to detect SQL injections. They identified the problem as a sequence of words that could be solved using the popular sequence model, LSTM. |
• In this project we propose a solution using sequence models to identify whether or not an API request contains SQL, XML, JSON, or other types of malicious injections.
• We also propose a novel heuristic procedure that minimizes the number of false positives. False positives are valid API requests that the model misclassifies as malicious.
• Dataset Generation:
  • Create a dataset using a mock API with diverse endpoints (/login, /search, /checkout). Send 100 requests per second, randomly distributing attempted injections.
  • Each request is represented as a JSON object with a '0' label for valid requests and '1' for attempted injections. Ensure dataset balance with 12,500 malicious and 12,500 non-malicious API requests.
• Data Preprocessing:
  • Exclude irrelevant fields (timestamp, headers) that cannot contain injections. Perform text pre-processing to convert entries into vector representations.
  • Add an embedding layer before the Recurrent Neural Network (RNN) model to utilize word embeddings, optimizing memory usage and enhancing generalization.
• Dataset Splitting:
  • Divide the dataset into 75% training and 25% testing data to ensure a robust evaluation of the model's performance.
• RNN Model Training:
  • Integrate an embedding layer before the RNN model. Train six models using the training data over three epochs.
  • Use a sigmoid activation function in the last layer to output a value between 0 and 1, representing the probability of a request being malicious.
• Classification and Threshold:
  • Employ a threshold of 50% for classification. Requests with a probability greater than 50% are classified as malicious, while those with a probability less than 50% are considered valid.
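The data preprocessing and dataset splitting steps above, as an added example that is not code from the slides or the project: it drops the timestamp and headers fields, tokenizes what remains while keeping punctuation, maps tokens to padded integer ids of the kind an embedding layer takes as input, and splits 75/25 per class. The record layout, the tokenizer, the sequence length of 32, the helper names and the sample requests are assumptions constructed for illustration.

```python
import random
import re

# Fields the slides exclude before training.
DROPPED_FIELDS = {"timestamp", "headers"}
PAD, OOV = 0, 1  # reserved ids: padding and out-of-vocabulary tokens
# Words and numbers stay whole; every other non-space character becomes its
# own token, so quotes, '=', ';' and angle brackets survive tokenization.
TOKEN_RE = re.compile(r"[a-z_]+|\d+|[^\sa-z_\d]")


def flatten(value, prefix=""):
    """Yield 'key ... value' text for every leaf of a nested request field."""
    if isinstance(value, dict):
        for key in sorted(value):
            yield from flatten(value[key], f"{prefix}{key} ")
    elif isinstance(value, list):
        for item in value:
            yield from flatten(item, prefix)
    else:
        yield f"{prefix}{value}"


def request_to_tokens(request):
    """Drop excluded fields and the label, then tokenize the remaining text."""
    kept = {k: v for k, v in request.items()
            if k not in DROPPED_FIELDS and k != "label"}
    return TOKEN_RE.findall(" ".join(flatten(kept)).lower())


def build_vocab(token_lists, max_size=5000):
    """Map the most frequent tokens to ids starting at 2 (0 and 1 are reserved)."""
    counts = {}
    for tokens in token_lists:
        for tok in tokens:
            counts[tok] = counts.get(tok, 0) + 1
    ranked = sorted(counts, key=lambda t: (-counts[t], t))[: max_size - 2]
    return {tok: i + 2 for i, tok in enumerate(ranked)}


def encode(tokens, vocab, max_len=32):
    """Convert tokens to a fixed-length id sequence (truncate, then pad)."""
    ids = [vocab.get(t, OOV) for t in tokens][:max_len]
    return ids + [PAD] * (max_len - len(ids))


def stratified_split(samples, labels, train_frac=0.75, seed=7):
    """Split each class 75/25 so both partitions keep the 50/50 balance."""
    rng = random.Random(seed)
    train, test = [], []
    for cls in sorted(set(labels)):
        idx = [i for i, y in enumerate(labels) if y == cls]
        rng.shuffle(idx)
        cut = int(len(idx) * train_frac)
        train += [(samples[i], cls) for i in idx[:cut]]
        test += [(samples[i], cls) for i in idx[cut:]]
    rng.shuffle(train)
    return train, test


def prepare(dataset, max_len=32):
    """Return ((train_x, train_y), (test_x, test_y), vocab)."""
    token_lists = [request_to_tokens(r) for r in dataset]
    labels = [r["label"] for r in dataset]
    train, test = stratified_split(token_lists, labels)
    # Fit the vocabulary on training data only; unseen test tokens become OOV.
    vocab = build_vocab([toks for toks, _ in train])

    def enc(part):
        return [encode(t, vocab, max_len) for t, _ in part], [y for _, y in part]

    return enc(train), enc(test), vocab


def make_request(endpoint, body, label):
    """Constructed sample record: a JSON-like object with a 0/1 label."""
    return {"timestamp": "2024-01-01T10:00:00Z",
            "headers": {"User-Agent": "demo-client"},
            "method": "POST", "endpoint": endpoint, "body": body, "label": label}


# Constructed sample data (not from the project's dataset): 4 valid, 4 malicious.
SAMPLE = [
    make_request("/login", {"username": "alice", "password": "correct horse"}, 0),
    make_request("/login", {"username": "admin' OR '1'='1", "password": "x"}, 1),
    make_request("/search", {"q": "blue running shoes"}, 0),
    make_request("/search", {"q": "<script>alert(1)</script>"}, 1),
    make_request("/checkout", {"item_id": 42, "coupon": "SPRING10"}, 0),
    make_request("/checkout", {"item_id": "42; DROP TABLE orders", "coupon": ""}, 1),
    make_request("/search", {"q": "o'reilly python book"}, 0),
    make_request("/login", {"username": {"$ne": None}, "password": {"$ne": None}}, 1),
]

if __name__ == "__main__":
    (train_x, train_y), (test_x, test_y), vocab = prepare(SAMPLE)
    print(len(train_x), "training and", len(test_x), "test sequences;",
          len(vocab), "vocabulary entries")
    print(request_to_tokens(SAMPLE[1]))
```

The valid `o'reilly` search carries the same quote token as the malicious login, which is why a single-character rule would misfire and the token order is left for the sequence model to judge.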
H/W REQUIREMENTS
• Processor: Intel i3, 2nd generation
• Speed: 2.1 GHz
• RAM: 4 GB
• Hard Disk: 500 GB
S/W REQUIREMENTS
• Operating System: Windows 7 / 10
• Front End: HTML, CSS, JS
• Framework used: Flask
• Coding Language: Python
• Database Connectivity: MySQL
[1] Nagpal, B., Chauhan, N., & Singh, N. (2017). A Survey on the Detection of SQL Injection Attacks and Their Countermeasures. JIPS (Journal of Information Processing Systems).
[2] P. Sharma, R. Johari and S. Sarma, "Integrated approach to prevent SQL Injection attack and reflected Cross site scripting attack", International Journal of System Assurance Engineering and Management, Vol. 3, no. 4, pp. 343-351, 2012.
[3] G. Jiao, C. M. Xu and J. Maohua, "SQLIMW: a new mechanism against SQL injection", in Proceedings of the International Conference on Computer Science and Service Systems (CSSS), Nanjing, China, 2012, pp. 1178-1180.
[4] Fang, Yong & Peng, Jiayi & Liu, Liang & Huang, Cheng. (2018). WOVSQLI: Detection of SQL Injection Behaviors Using Word Vector and LSTM. 170-174. 10.1145/3199478.3199503.
[5] Hochreiter, Sepp & Schmidhuber, Jürgen. (1997). Long Short-term Memory. Neural Computation. 9. 1735-80. 10.1162/neco.1997.9.8.1735.
[6] Chung, J.; Gulcehre, C.; Cho, K. & Bengio, Y. (2014), "Empirical Evaluation of Gated Recurrent Neural Networks on Sequence Modeling", arXiv:1412.3555. Presented in NIPS 2014 Deep Learning and Representation Learning Workshop.
[7] M. Hasan, Z. Balbahaith and M. Tarique, "Detection of SQL Injection Attacks: A Machine Learning Approach," 2019 International Conference on Electrical and Computing Technologies and Applications (ICECTA), Ras Al Khaimah, United Arab Emirates, 2019, pp. 1-6, doi: 10.1109/ICECTA48151.2019.8959617.
[8] M. Schuster and K. K. Paliwal, "Bidirectional recurrent neural networks," in IEEE Transactions on Signal Processing, vol. 45, no. 11, pp. 2673-2681, Nov. 1997, doi: 10.1109/78.650093.
[9] Liu, W., Wang, Z., Liu, X., Zeng, N., Liu, Y., & Alsaadi, F.E. (2017). A survey of deep neural network architectures and their applications. Neurocomputing, 234, 11-2

Evaluation of Recurrent Neural Networks for Detecting Injections in API Requests

  • 1.
  • 2.  INTRODUCTION  OBJECTIVES  PROBLEM IDENTIFICATION  LITERATURE SURVEY  PROPOSED SOLUTION  SYSTEM ARCHITECTURE  METHODOLOGY  REFERENCES
  • 3.  In the digital era where APIs facilitate seamless data exchange, security vulnerabilities in these interfaces, particularly injection attacks like SQL injection or script injection, have emerged as critical concerns.  Injection refers to a broad class of attack vectors that allow an attacker to add part of a command or a query that changes the way the program executes.  The consequences of undetected injection attacks are severe, ranging from unauthorized data access to service disruptions.  Left unchecked, these incidents can result in reputational damage and financial losses for organizations
  • 4.  Traditional static rule-based security approaches often struggle to keep pace with the dynamic and evolving nature of injection attacks. There's a need for advanced methods capable of learning and adapting to new threat patterns.  Leveraging machine learning, particularly Recurrent Neural Networks (RNNs), holds promise in addressing the shortcomings of static approaches.  RNNs can analyze the sequential patterns in API requests, providing a dynamic and adaptive security solution.  To facilitate swift response and minimize the impact of security incidents, the project integrates with logging and alerting systems. This ensures that security teams are promptly notified, enabling effective mitigation and response strategies.
  • 5.  Generate a dataset with huge API requests, equally distributed between 50% malicious and 50% non-malicious instances, ensuring a balanced representation for model training.  Exclude irrelevant fields (e.g., timestamp, headers) from the dataset and perform text preprocessing, converting API request entries into vector representations suitable for neural network input.  Employ RNNs with an embedding layer to analyze sequential patterns in API requests, specifically focusing on their temporal dependencies
  • 6.
    - Enhance memory efficiency by using word embeddings, a vector representation, for textual data in API requests, enabling the model to generalize effectively.
    - Split the dataset into 75% training and 25% testing data to facilitate robust model training and evaluation.
  • 7.
    - Security Vulnerabilities in API Requests: Systems are more vulnerable to security risks due to the increase in the use of APIs, especially injection attacks. Unsecured API requests risk unauthorized access, data breaches, and application integrity compromise.
    - Dynamic and Evolving Attacks: Traditional static security struggles with evolving injection tactics. Rule-based approaches may miss sophisticated patterns, leaving systems susceptible to emerging threats.
    - Potential Impact on Data Integrity: Injection attacks (e.g., SQL, script) pose severe risks to sensitive data integrity. Undetected attacks can result in manipulation, unauthorized access, and significant consequences.
  • 8.
    - Inadequacy of Rule-Based Models: Existing security models relying on static rules may not effectively adapt to minute injection attack patterns, creating gaps in comprehensive threat detection.
    - Limited Proactive Measures: Current security lacks proactive features, making it difficult to stay ahead of evolving injection tactics. A solution is needed for identifying and addressing threats before escalation.
    - Insufficient Integration with Logging and Alerting: Incomplete integration with logging and alerting systems hampers swift responses to detected threats. A comprehensive solution should provide actionable insights and facilitate rapid response to potential breaches.
  • 9.
    SL NO | TITLE | AUTHOR | PUBLICATION | YEAR | DESCRIPTION
    1 | Integrated approach to prevent SQL Injection attack and reflected Cross site scripting attack | P. Sharma, R. Johari and S. Sarma | International Journal of System Assurance Engineering and Management, Vol. 3 no. 4 | 2012 | Proposed a query model generator using the hybrid approach, i.e. a modification to the existing model of MHAPSIA.
    2 | Detection of SQL Injection Attacks: A Machine Learning Approach | M. Hasan, Z. Balbahaith and M. Tarique | International Conference on Electrical and Computing Technologies and Applications (ICECTA), Ras Al Khaimah, United Arab Emirates | 2019 | Proposed a machine learning-based heuristic algorithm to detect SQL injection attacks. Using machine learning, they were able to predict most of the attacks, achieving high accuracy of 93.8%. They considered a dataset that consists of SQL queries.
  • 10.
    SL NO | TITLE | AUTHOR | PUBLICATION | YEAR | DESCRIPTION
    3 | Detection of SQL Injection Behaviors Using Word Vector and LSTM | Fang, Yong & Peng, Jiayi & Liu, Liang & Huang, Cheng | Proceedings of the 2nd International Conference on Cryptography, Security and Privacy | 2018 | Proposed using word vector representations of SQL queries and feeding these into LSTMs to detect SQL injections. They identified the problem as a sequence of words that could be solved using the popular sequence model, LSTM.
  • 11.
    - In this project we propose a solution using sequence models to identify whether or not an API request has SQL, XML, JSON, and other types of malicious injections.
    - We also propose a novel heuristic procedure that minimizes the number of false positives. False positives are the valid API requests that are misclassified as malicious by the model.
  • 12.
  • 13.
    - Dataset Generation:
      - Create a dataset using a mock API with diverse endpoints (/login, /search, /checkout). Send 100 requests per second, randomly distributing attempted injections.
      - Each request is represented as a JSON object with a '0' label for valid requests and '1' for attempted injections. Ensure dataset balance with 12,500 malicious and 12,500 non-malicious API requests.
    - Data Preprocessing:
      - Exclude irrelevant fields (timestamp, headers) that cannot contain injections. Perform text pre-processing to convert entries into vector representations.
      - Add an embedding layer before the Recurrent Neural Network (RNN) model to utilize word embeddings, optimizing memory usage and enhancing generalization.
  • 14.
    - Dataset Splitting:
      - Divide the dataset into 75% training and 25% testing data to ensure a robust evaluation of the model's performance.
    - RNN Model Training:
      - Integrate an embedding layer before the RNN model. Train six models using the training data over three epochs.
      - Use a sigmoid activation function in the last layer to output a value between 0 and 1, representing the probability of a request being malicious.
    - Classification and Threshold:
      - Employ a threshold of 50% for classification. Requests with a probability greater than 50% are classified as malicious, while those with a probability less than 50% are considered valid.
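The preprocessing and splitting steps on slides 13 and 14, as an added sketch that is not the project's own code: it drops the excluded fields, tokenizes each request while keeping punctuation, builds the vocabulary from the training rows only, and emits padded integer ids for an embedding layer. The request field names (`endpoint`, `body`, `q`), the tokenizer regex, the reserved ids and the sample rows are assumptions constructed for illustration.

```python
import json
import random
import re

DROP_FIELDS = {"timestamp", "headers", "label"}  # excluded from model input
TOKEN_RE = re.compile(r"[a-z_]+|\d+|[^\sa-z_\d]")  # words, numbers, each symbol
PAD, UNK = 0, 1  # reserved ids (assumed): padding and out-of-vocabulary

def flatten(value):
    """Yield every key and leaf of a nested JSON object as a string."""
    if not isinstance(value, dict):
        yield str(value)
        return
    for key in sorted(value):
        yield key
        yield from flatten(value[key])

def tokenize(request):
    """Drop excluded fields; keep quotes, dashes and brackets as tokens."""
    kept = {k: v for k, v in request.items() if k not in DROP_FIELDS}
    return TOKEN_RE.findall(" ".join(flatten(kept)).lower())

def stratified_split(rows, train_frac=0.75, seed=7):
    """75/25 split that preserves the 50/50 class balance in both parts."""
    rng, train, test = random.Random(seed), [], []
    for label in (0, 1):
        group = [r for r in rows if r["label"] == label]
        rng.shuffle(group)
        cut = int(len(group) * train_frac)
        train, test = train + group[:cut], test + group[cut:]
    return train, test

def build_vocab(rows):
    """Vocabulary from training rows only, so test tokens cannot leak in."""
    tokens = sorted({t for r in rows for t in tokenize(r)})
    return {tok: i + 2 for i, tok in enumerate(tokens)}

def encode(request, vocab, max_len=16):
    """Integer ids for the embedding layer, truncated or right-padded."""
    ids = [vocab.get(t, UNK) for t in tokenize(request)][:max_len]
    return ids + [PAD] * (max_len - len(ids))

# Constructed sample data; field names and values are assumptions.
BENIGN = ["alice", "red shoes", "laptop bag", "bob"]
INJECTED = ["' OR 1=1 --", "<script>alert(1)</script>", "admin'--", "1; DROP TABLE users"]
ROWS = [{"timestamp": i, "headers": {"User-Agent": "mock"}, "endpoint": "/search",
         "body": {"q": q}, "label": int(q in INJECTED)}
        for i, q in enumerate(BENIGN + INJECTED)]
```

A generic word tokenizer that strips punctuation would discard the quote, comment and angle-bracket characters that separate the injected rows from the benign ones, which is why each symbol is kept as its own token here.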
  • 15.
    H/W REQUIREMENTS
    - Processor: Intel i3 2nd generation
    - Speed: 2.1 GHz
    - RAM: 4 GB
    - Hard Disk: 500 GB
    S/W REQUIREMENTS
    - Operating System: Windows 7 / 10
    - Front End: HTML, CSS, JS
    - Framework used: Flask
    - Coding Language: Python
    - Database Connectivity: MySQL
  • 16.
    [1] Nagpal, B., Chauhan, N., & Singh, N. (2017). A Survey on the Detection of SQL Injection Attacks and Their Countermeasures. JIPS (Journal of Information Processing Systems).
    [2] P. Sharma, R. Johari and S. Sarma, "Integrated approach to prevent SQL Injection attack and reflected Cross site scripting attack", International Journal of System Assurance Engineering and Management, Vol. 3 no. 4, pp. 343-351, 2012.
    [3] G. Jiao, C M Xu and J. Maohua, "SQLIMW: a new mechanism against SQL injection", in Proceedings of the International Conference on Computer Science and Service Systems (CSSS), Nanjing, China, 2012, pp. 1178-1180.
    [4] Fang, Yong & Peng, Jiayi & Liu, Liang & Huang, Cheng. (2018). WOVSQLI: Detection of SQL Injection Behaviors Using Word Vector and LSTM. 170-174. 10.1145/3199478.3199503.
    [5] Hochreiter, Sepp & Schmidhuber, Jürgen. (1997). Long Short-term Memory. Neural Computation. 9. 1735-80. 10.1162/neco.1997.9.8.1735.
  • 17.
    [6] Chung, J.; Gulcehre, C.; Cho, K. & Bengio, Y. (2014), 'Empirical Evaluation of Gated Recurrent Neural Networks on Sequence Modeling', arXiv:1412.3555. Presented in NIPS 2014 Deep Learning and Representation Learning Workshop.
    [7] M. Hasan, Z. Balbahaith and M. Tarique, "Detection of SQL Injection Attacks: A Machine Learning Approach," 2019 International Conference on Electrical and Computing Technologies and Applications (ICECTA), Ras Al Khaimah, United Arab Emirates, 2019, pp. 1-6, doi: 10.1109/ICECTA48151.2019.8959617.
    [8] M. Schuster and K. K. Paliwal, "Bidirectional recurrent neural networks," in IEEE Transactions on Signal Processing, vol. 45, no. 11, pp. 2673-2681, Nov. 1997, doi: 10.1109/78.650093.
    [9] Liu, W., Wang, Z., Liu, X., Zeng, N., Liu, Y., & Alsaadi, F.E. (2017). A survey of deep neural network architectures and their applications. Neurocomputing, 234, 11-2