Affiliation:
1. Escuela de Ingeniería de Sistemas, Universidad Señor de Sipán, Chiclayo 14000, Peru
Abstract
Structured Query Language (SQL) injections pose a constant threat to web services, highlighting the need for efficient detection to address this vulnerability. This study compares machine learning algorithms for detecting SQL injections in web microservices trained using a public dataset of 22,764 records. Additionally, a software architecture based on the microservices approach was implemented, in which trained models and the web application were deployed to validate requests and detect attacks. A literature review was conducted to identify types of SQL injections and machine learning algorithms. The results of random forest, decision tree, and support vector machine were compared for detecting SQL injections. The findings show that random forest outperforms with a precision and accuracy of 99%, a recall of 97%, and an F1 score of 98%. In contrast, decision tree achieved a precision of 92%, a recall of 86%, and an F1 score of 97%. Support Vector Machine (SVM) presented an accuracy, precision, and F1 score of 98%, with a recall of 97%.
Funder
Universidad Señor de Sipán
Reference32 articles.
1. A microservice-based software architecture for improving the availability of dental health records;Valdivia;Int. J. Comput.,2022
2. Database security in RDF terms;Mocean;Sci. Bull.,2023
3. Analysis of SQL injection based on Petri net in wireless network;Wang;J. Inf. Sci. Eng.,2023
4. Countermeasure to structured query language injection attack for web applications using hybrid logistic regression technique;Shagari;J. Niger. Soc. Phys. Sci.,2022
5. A hybrid framework for detecting structured query language injection attacks in web-based applications;Furhad;Int. J. Electr. Comput. Eng.,2022