A SQL Injection Detection Method Based on Adaptive Deep Forest

Cited by: 37
Authors
Li, Qi [1]
Li, Weishi [1]
Wang, Junfeng [2]
Cheng, Mingyu [1]
Affiliations
[1] Beijing Univ Posts & Telecommun, Beijing Key Lab Interconnect & Integrat, Beijing 100876, Peoples R China
[2] Sichuan Univ, Sch Aeronaut & Astronaut, Chengdu 610065, Sichuan, Peoples R China
Funding
National Natural Science Foundation of China;
Keywords
SQL injection detection; adaptive deep forest; Web security; AdaBoost;
DOI
10.1109/ACCESS.2019.2944951
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
Injection attacks rank first among the top 10 security threats announced by OWASP, and SQL injection is one of the most important types of injection attack. Because of its many types and fast variations, SQL injection can cause great harm to the network, resulting in data leakage and website paralysis. Due to the heterogeneity of attack payloads, the diversity of attack methods and the variety of attack modes, SQL injection detection is still a challenging problem. How to defend against SQL injection attacks effectively has become the focus and frontier of web security. Therefore, this paper proposes an adaptive deep forest-based method to detect complex SQL injection attacks. Firstly, the structure of the deep forest is optimized: the input of each layer is the concatenation of the raw feature vector and the average of the previous outputs. Experiments show that the proposed method effectively solves the problem that the original features of deep forests are degraded as the number of layers increases. Then, we introduce an AdaBoost-based deep forest model which uses the error rate to update the weights of features on each layer. That is, during training, different features are assigned different weights based on their influence on the result. Our model can automatically adjust the structure of the tree model and deal with multi-dimensional fine-grained features, effectively avoiding the over-fitting problem. The experimental results show that the proposed method performs better than classical machine learning methods and deep learning methods.
Pages: 145385 / 145394
Number of pages: 10