An Sql Injection Detection Model Using Chi-Square with Classification Techniques

SQL Injection attacks is a common threat to web applications that utilizes poor input validation to implement attack on a target database. It is becoming a very serious problem in web application as successful leads to loss of integrity and confidentiality and this makes it a very sensitive issue of software security. This study gives a review on SQL Injection detection and prevention techniques using machine learning classifiers. Machine Learning approach has been found to be profound for SQLIA mitigation, which is implemented through defensive coding approach. An experimental analysis was performed to evaluate the performance of the learning classification algorithms to choose the best algorithm. It is imperative to note that a good number of the evaluated techniques were able to detect and prevent the SQLIA based on the KDD Test dataset. From the findings, Naive Bayes had the minimum Accuracy 80.01%, Sensitivity as well as Specificity while Decision Tree had the highest Accuracy 98.11%, Sensitivity and Specificity and therefore was chosen as the best classifier for SQLIA detection and prevention. Therefore, beyond Accuracy, other performance evaluation metrics are critical for optimal algorithm selection for predictive analytics.