
Research And Implement Of SQL Injection Detection Technology Based On Deep Learning

Posted on: 2021-03-11
Degree: Master
Type: Thesis
Country: China
Candidate: F Wang
GTID: 2428330632962746
Subject: Information security

Abstract/Summary:
With the continuous development of the Internet, security threats of all kinds have emerged rapidly in the network. Among them, the SQL injection attack is one of the main threats faced by web applications and the most common Internet attack. SQL injection attacks come in many types, mutate quickly, and are hard to notice, and so they cause great damage. Traditional SQL injection detection methods, mostly based on established rules, cannot cope with changing attack techniques. Most detection methods that use shallow machine learning depend on manually defined judgment features, which requires more prior knowledge; if some features are not defined accurately in advance, the detection effect is greatly affected. In recent years, because deep learning has developed rapidly and does not need complicated feature engineering, using it to distinguish SQL injection attacks quickly and accurately has become a new research trend. This paper is devoted to using deep learning technology to detect SQL injection attacks. The main research results are as follows:

Firstly, a method of positive sample generation based on the data transmission channel is proposed. To address the problem that training a classifier with deep learning needs more data, this paper proposes a SQL injection attack model based on the data transmission channel and generates positive samples from the perspective of the channel through which stolen data flows out, so that these samples more accurately describe the injection attack behavior and its rules. In this way, more high-quality training samples are obtained, which enhances the generalization ability of the trained classifier by reducing over-fitting during model training.

Secondly, a method of SQL injection sample feature vectorization based on TF-IDF and Word2Vec is proposed. When the samples are vectorized, the Word2Vec representation focuses on the semantic information of words but ignores the importance of each word in the samples. To address this, the paper uses the TF-IDF algorithm to give different weights to the distributed word vectors of the samples and fuses them with Word2Vec to obtain a vector representation that contains both the semantic information and the importance of the words.

Thirdly, a method of SQL injection attack detection based on an improved TextCNN and Bi-LSTM is proposed. After the samples in the dataset are vectorized, the local features in the samples are extracted by the improved TextCNN, and then the sequence information in the samples is extracted by the bidirectional LSTM network. Finally, to address the problem that LSTM performs slightly poorly on data with long sequences, the attention mechanism is used to reduce the distance between any two words in the sequence to 1, which improves the effectiveness of the model. In addition, the overall scheme also adds the feature vector obtained by using BERT for transfer learning.

Finally, we design and implement the SQL injection attack detection system, and describe its overall design process and modular details. The validity of the positive sample generation method and the sample vectorization method proposed in this paper is verified by multiple experiments. When the ratio of positive to negative samples is close to 1, the detection accuracy is up to 99.89%, which effectively reduces the false negative rate and the false positive rate and is a significant improvement compared with other solutions.
Keywords/Search Tags:deep learning, SQL injection, data transmission channel, word vector
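The TF-IDF and Word2Vec fusion step from the abstract, as an added sketch that is not code from the thesis. It assumes the fusion is a TF-IDF-weighted average of word vectors (the abstract does not give the exact formula), and `toy_embedding` is a hypothetical stand-in for a trained Word2Vec lookup. The sample inputs are constructed.

```python
import hashlib
import math
import re
from collections import Counter

# Constructed samples (not from the thesis): two benign queries, two injection-style inputs.
SAMPLES = [
    "select name from users where id = 1",
    "select title from posts where id = 2",
    "1 or 1 = 1 union select password from users",
    "1 union select version ( ) from dual",
]

def tokenize(text):
    """Split into keywords/identifiers, numbers and single punctuation marks."""
    return re.findall(r"[a-z_]+|\d+|[^\sa-z_\d]", text.lower())

def idf_table(docs):
    """Smoothed IDF per token; '<unk>' covers tokens unseen in the corpus."""
    n = len(docs)
    df = Counter(tok for doc in docs for tok in set(doc))
    table = {tok: math.log((1 + n) / (1 + d)) + 1.0 for tok, d in df.items()}
    table["<unk>"] = math.log(1 + n) + 1.0
    return table

def toy_embedding(token, dim=8):
    """Hypothetical stand-in for Word2Vec: deterministic pseudo-vector in [-1, 1]."""
    digest = hashlib.sha256(token.encode()).digest()
    return [b / 127.5 - 1.0 for b in digest[:dim]]

def tfidf_weights(tokens, idf):
    """TF-IDF weight of each distinct token within one sample."""
    counts = Counter(tokens)
    return {t: (c / len(tokens)) * idf.get(t, idf["<unk>"]) for t, c in counts.items()}

def sample_vector(tokens, idf, embed=toy_embedding):
    """Assumed fusion: TF-IDF-weighted average of the sample's word vectors."""
    weights = tfidf_weights(tokens, idf)
    total = sum(weights.values())
    vec = [0.0] * len(embed(tokens[0]))
    for tok, w in weights.items():
        for i, x in enumerate(embed(tok)):
            vec[i] += w * x / total
    return vec

DOCS = [tokenize(s) for s in SAMPLES]
IDF = idf_table(DOCS)

if __name__ == "__main__":
    for text, doc in zip(SAMPLES, DOCS):
        print(text, "->", [round(x, 3) for x in sample_vector(doc, IDF)])
```

In the third sample, `password` and `select` each occur once, but `select` appears in every sample and `password` in only one, so the rarer token contributes more to the fused vector.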