Research On SQL Injection And XSS Attack Detection Technology Based On Machine Learning

The rise of internet technology makes the network environment complex and diverse,and web applications suffer from a variety of network attacks.SQL injection and XSS attack are the most common means to invade web applications.They are widely applicable,easy to operate and cause great harm.At present,there are two main methods to detect web attacks: the first is that technical experts formulate a security rule base by analyzing the characteristics of Web attacks,and the detector based on the rule base detects web attacks.However,with the development and change of Web attacks,this technology has low detection efficiency and can not detect deformed web attacks;The second is to apply machine learning to web applications,use the machine learning model to learn the characteristics of normal samples and attack samples,and get a model that can detect web attacks.This detection model has a high recognition rate of Web attacks,and can even detect most deformed SQL injection and XSS attacks.In order to detect SQL injection and XSS attacks more accurately,we propose a machine learning model to detect these two attacks at the same time.Although the network principles of XSS attack and SQL injection attack are different,their attack forms are the same.They are implemented by modifying the parameters in the URL.Therefore,we unify the expression of the two attacks.In the data collection stage,our experimental data mainly comes from the public data of Git Hub website and network security company,as well as using tools to simulate attacks on the website and obtain data.After obtaining the data,the sample data is cleaned,segmented and vectorized.After data preprocessing,this paper selects two different machine learning models to establish classifiers: one is convolutional neural network model;The other is to use FP-growth algorithm to optimize SVM model.Firstly,the training samples are used to train the two models,so that the model can learn the characteristics of normal samples and attack samples to obtain the classifier;Then the test set is used to verify the detection effects of the two models.Comparing the experimental results with previous experiments,we find that the accuracy and recall rate of using convolutional neural network to detect the two attacks are higher than those of predecessors,and the SVM optimized by FP-growth algorithm has better detection effect than the latest improved SVM;Finally,we compare the two detection methods in this paper,and the optimized SVM has better performance than CNN.