Deep Learning in Cybersecurity: A Hybrid BERT–LSTM Network for SQL Injection Attack Detection
In the past decade, cybersecurity has become increasingly significant, driven largely by the increase in cybersecurity threats. Among these threats, SQL injection attacks stand out as a particularly common method of cyber attack. Traditional methods for detecting these attacks mainly rely on manuall...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2024-01-01
|
| Series: | IET Information Security |
| Online Access: | http://dx.doi.org/10.1049/2024/5565950 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832553088869728256 |
|---|---|
| author | Yixian Liu Yupeng Dai |
| author_facet | Yixian Liu Yupeng Dai |
| author_sort | Yixian Liu |
| collection | DOAJ |
| description | In the past decade, cybersecurity has become increasingly significant, driven largely by the increase in cybersecurity threats. Among these threats, SQL injection attacks stand out as a particularly common method of cyber attack. Traditional methods for detecting these attacks mainly rely on manually defined features, making these detection outcomes highly dependent on the precision of feature extraction. Unfortunately, these approaches struggle to adapt to the increasingly sophisticated nature of these attack techniques, thereby necessitating the development of more robust detection strategies. This paper presents a novel deep learning framework that integrates Bidirectional Encoder Representations from Transformers (BERT) and Long Short-Term Memory (LSTM) networks, enhancing the detection of SQL injection attacks. Leveraging the advanced contextual encoding capabilities of BERT and the sequential data processing ability of LSTM networks, the proposed model dynamically extracts word and sentence-level features, subsequently generating embedding vectors that effectively identify malicious SQL query patterns. Experimental results indicate that our method achieves accuracy, precision, recall, and F1 scores of 0.973, 0.963, 0.962, and 0.958, respectively, while ensuring high computational efficiency. |
| format | Article |
| id | doaj-art-d89f309cdda64fe7be1db3e1df62795a |
| institution | Kabale University |
| issn | 1751-8717 |
| language | English |
| publishDate | 2024-01-01 |
| publisher | Wiley |
| record_format | Article |
| series | IET Information Security |
| spelling | doaj-art-d89f309cdda64fe7be1db3e1df62795a2025-02-03T05:56:54ZengWileyIET Information Security1751-87172024-01-01202410.1049/2024/5565950Deep Learning in Cybersecurity: A Hybrid BERT–LSTM Network for SQL Injection Attack DetectionYixian Liu0Yupeng Dai1Xi’an University of Posts and TelecommunicationsXi’an University of Posts and TelecommunicationsIn the past decade, cybersecurity has become increasingly significant, driven largely by the increase in cybersecurity threats. Among these threats, SQL injection attacks stand out as a particularly common method of cyber attack. Traditional methods for detecting these attacks mainly rely on manually defined features, making these detection outcomes highly dependent on the precision of feature extraction. Unfortunately, these approaches struggle to adapt to the increasingly sophisticated nature of these attack techniques, thereby necessitating the development of more robust detection strategies. This paper presents a novel deep learning framework that integrates Bidirectional Encoder Representations from Transformers (BERT) and Long Short-Term Memory (LSTM) networks, enhancing the detection of SQL injection attacks. Leveraging the advanced contextual encoding capabilities of BERT and the sequential data processing ability of LSTM networks, the proposed model dynamically extracts word and sentence-level features, subsequently generating embedding vectors that effectively identify malicious SQL query patterns. Experimental results indicate that our method achieves accuracy, precision, recall, and F1 scores of 0.973, 0.963, 0.962, and 0.958, respectively, while ensuring high computational efficiency.http://dx.doi.org/10.1049/2024/5565950 |
| spellingShingle | Yixian Liu Yupeng Dai Deep Learning in Cybersecurity: A Hybrid BERT–LSTM Network for SQL Injection Attack Detection IET Information Security |
| title | Deep Learning in Cybersecurity: A Hybrid BERT–LSTM Network for SQL Injection Attack Detection |
| title_full | Deep Learning in Cybersecurity: A Hybrid BERT–LSTM Network for SQL Injection Attack Detection |
| title_fullStr | Deep Learning in Cybersecurity: A Hybrid BERT–LSTM Network for SQL Injection Attack Detection |
| title_full_unstemmed | Deep Learning in Cybersecurity: A Hybrid BERT–LSTM Network for SQL Injection Attack Detection |
| title_short | Deep Learning in Cybersecurity: A Hybrid BERT–LSTM Network for SQL Injection Attack Detection |
| title_sort | deep learning in cybersecurity a hybrid bert lstm network for sql injection attack detection |
| url | http://dx.doi.org/10.1049/2024/5565950 |
| work_keys_str_mv | AT yixianliu deeplearningincybersecurityahybridbertlstmnetworkforsqlinjectionattackdetection AT yupengdai deeplearningincybersecurityahybridbertlstmnetworkforsqlinjectionattackdetection |