Detecting SQL Injection On Web Application Using Deep Learning Techniques: A Systematic Literature Review

被引:3
作者
Muslihi, Muhammad Takdir [1 ]
Alghazzawi, Daniyal [1 ]
机构
[1] King Abdulaziz Univ, Fac Comp & Informat Technol, Dept Informat Syst, Jeddah 21589, Saudi Arabia
来源
2020 THIRD INTERNATIONAL CONFERENCE ON VOCATIONAL EDUCATION AND ELECTRICAL ENGINEERING (ICVEE): STRENGTHENING THE FRAMEWORK OF SOCIETY 5.0 THROUGH INNOVATIONS IN EDUCATION, ELECTRICAL, ENGINEERING AND INFORMATICS ENGINEERING | 2020年
关键词
SQL Injection; Web Application; Deep Learning;
D O I
10.1109/icvee50212.2020.9243198
中图分类号
G40 [教育学];
学科分类号
040101 ; 120403 ;
摘要
Based on OWASP, code injection is one of the top lists of security risks. Structured Query Language (SQL) Injection is one of these types of attacks. SQL injection attack is an attack by spoofing the server to execute malicious code. The main object of this paper is to identify relevant works about deep learning methods to detect SQL-Injection on web applications. To achieve that, we conduct a survey review of the literature. In this study, we provide a review of 14 studies using deep learning algorithms to detect SQL Injection on web applications and it provides a comparison between them. Deep learning has great potential in threat intelligence detection.
引用
收藏
页数:6
相关论文
共 26 条
  • [1] CODDLE: Code-Injection Detection With Deep Learning
    Abaimov, Stanislav
    Bianchi, Giuseppe
    [J]. IEEE ACCESS, 2019, 7 : 128617 - 128627
  • [2] A Review on Android Ransomware Detection Using Deep Learning Techniques
    Alzahrani, Nisreen
    Alghazzawi, Daniyal
    [J]. 11TH INTERNATIONAL CONFERENCE ON MANAGEMENT OF DIGITAL ECOSYSTEMS (MEDES), 2019, : 330 - 335
  • [3] [Anonymous], 2020, OWASP TOP 10 SECURIT
  • [4] [Anonymous], 2020, World Internet Users Statistics and 2020 World Population Stats
  • [5] Baxter R., 2008, APPLY INFORM SECURIT, V39
  • [6] Securing web applications from injection and logic vulnerabilities: Approaches and challenges
    Deepa, G.
    Thilagam, P. Santhi
    [J]. INFORMATION AND SOFTWARE TECHNOLOGY, 2016, 74 : 160 - 180
  • [7] WOVSQLI: Detection of SQL Injection Behaviors Using Word Vector and LSTM
    Fang, Yong
    Peng, Jiayi
    Liu, Liang
    Huang, Cheng
    [J]. ICCSP 2018: PROCEEDINGS OF THE 2ND INTERNATIONAL CONFERENCE ON CRYPTOGRAPHY, SECURITY AND PRIVACY, 2018, : 170 - 174
  • [8] Deep Learning: An Overview
    Farsal, Wissal
    Anter, Samir
    Ramdani, Mohammed
    [J]. PROCEEDINGS OF THE 12TH INTERNATIONAL CONFERENCE ON INTELLIGENT SYSTEMS: THEORIES AND APPLICATIONS (SITA'18), 2018,
  • [9] Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study
    Ferrag, Mohamed Amine
    Maglaras, Leandros
    Moschoyiannis, Sotiris
    Janicke, Helge
    [J]. JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2020, 50
  • [10] Estimating Web Attack Detection via Model Uncertainty from Inaccurate Annotation
    Gong, Xinyu
    Zhou, Yuefu
    Bi, Yue
    He, Mingcheng
    Sheng, Shiying
    Qiu, Han
    He, Ruan
    Lu, Jialiang
    [J]. 2019 6TH IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND CLOUD COMPUTING (IEEE CSCLOUD 2019) / 2019 5TH IEEE INTERNATIONAL CONFERENCE ON EDGE COMPUTING AND SCALABLE CLOUD (IEEE EDGECOM 2019), 2019, : 53 - 58
123