A Comparative Study of SQL Injection Detection Using Machine Learning Approach


  • Fabian Dass Michael Dass UTHM
  • Cik Feresa Mohd Foozy UTHM


Random Forest, SQL Injection, Support Vector Machine


Injection vulnerabilities are still the most common and deadly attacks against online applications. Therefore, a SQL Injection detection framework with suitable approaches has been proposed. In this paper, the Random Forest and Support Vector Machine algorithms and detection of SQL Injection are analyzed. The experiments were carried out and tested on HTTPParamsDataset. In this research, there are six (6) phases implemented in the research such as Raw Data, Data Preprocessing, Feature Extraction, Features Selection, Classification, and Result. The experiments evaluated in terms of Accuracy, True Positive, True Negative and Precision in identifying the best performances classifiers. At the end of the study, the Random Forest classifiers are identified to be best classifiers with 100 percent of accuracy in average compared to Support Vector Machine classifiers with 90.26 percent of accuracy without Information Gain for the accuracy of SQL Injection detection while the accuracies of Random Forest with implementing Information Gain are 99.99 percent, 100 percent, and 99.99 percent, whereas the accuracies of the Support Vector Machine are 90.26 percent.




How to Cite

Michael Dass, F. D., & Mohd Foozy, C. F. (2022). A Comparative Study of SQL Injection Detection Using Machine Learning Approach. Applied Information Technology And Computer Science, 3(2), 19–31. Retrieved from https://publisher.uthm.edu.my/periodicals/index.php/aitcs/article/view/7370