:: Volume 5, Issue 1 (9-2021) ::
C4I Journal 2021, 5(1): 87-98
Optimizing the detection of SQL injection attacks using a combination of random forest and genetic algorithms
Javad Moradi *, Majid Ghayoori
Imam Hossein University
Abstract:
Despite all the efforts of security experts to detect SQL injection attacks, according to OWASP reports, SQL injection is still the most important cyber attack used by attackers. Two kinds of methods are used to detect attacks: signature-based and behavior-based. Signature-based methods are used for known attacks, and behavior-based methods are suitable for detecting unknown attacks. Behavior-based intrusion detection systems are more useful because attacks are implemented in different ways. Behavior can be analyzed by methods such as classification, clustering, etc. One of the most important classification algorithms is the random forest algorithm, which has high accuracy and whose results are easy to implement and interpret. According to the studies, the accuracy of the random forest algorithm is highly dependent on its input parameters. There are 9 of these parameters, including the number of trees, their depth, voting method, information gain, and so on. Optimal determination of these parameters is an optimization problem with a large state space. In this research, a method based on a genetic algorithm is presented to determine the optimal values of these parameters. Because the parameters are determined optimally, the obtained results show an improvement in detection accuracy compared to the default state of the algorithm and to other research. The evaluation results indicate that the intrusion detection accuracy of the proposed method was 98%, which is about 11% higher than the random forest algorithm with default parameters and 08% higher than previous studies.
Keywords: Random forest algorithm, Genetic algorithm, SQL injection attack, Database intrusion detection system
Type of Study: Research | Subject: Information and Communication Security
Received: 2020/09/1 | Accepted: 2021/05/2 | Published: 2021/08/19
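
A sketch of the approach the abstract describes, a genetic algorithm searching random forest parameters for an SQL injection classifier. This is an added example, not the authors' code. The scikit-learn search space (five parameters, not the paper's nine), the lexical features, the GA settings and the sample queries are all assumptions constructed for illustration.

```python
import random
from sklearn.ensemble import RandomForestClassifier
from sklearn.model_selection import cross_val_score

# Constructed sample queries (not the paper's dataset): label 0 = benign, 1 = injection.
BENIGN = [f"SELECT * FROM orders WHERE id = {i} AND city = '{c}'"
          for i in range(1, 6) for c in ("Oslo", "Rome", "O''Hare")]
ATTACK = [f"SELECT * FROM orders WHERE id = {i}{p}" for i in range(1, 6)
          for p in (" OR 1=1 --", "' OR '1'='1", " UNION SELECT usr, pw FROM accounts")]

def features(q):
    # Assumed lexical features: length, quotes, comment marker, OR, UNION, '='.
    u = q.upper()
    return [len(q), q.count("'"), u.count("--"), u.count(" OR "), u.count("UNION"), u.count("=")]

X = [features(q) for q in BENIGN + ATTACK]
y = [0] * len(BENIGN) + [1] * len(ATTACK)

# Assumed search space: each key is one gene of the chromosome.
SPACE = {"n_estimators": [5, 10, 20, 40], "max_depth": [1, 2, 4, 8, None],
         "criterion": ["gini", "entropy"], "min_samples_leaf": [1, 2, 4],
         "max_features": ["sqrt", "log2", None]}

def fitness(genes, X, y):
    # Fitness of one chromosome = mean 3-fold cross-validated accuracy.
    clf = RandomForestClassifier(random_state=0, **genes)
    return cross_val_score(clf, X, y, cv=3).mean()

def evolve(X, y, pop_size=6, generations=4, mutation_rate=0.2, seed=1):
    rng = random.Random(seed)
    pop = [{k: rng.choice(v) for k, v in SPACE.items()} for _ in range(pop_size)]
    history = []  # best fitness of each generation
    for _ in range(generations):
        scored = sorted(((fitness(g, X, y), g) for g in pop), key=lambda t: t[0], reverse=True)
        history.append(scored[0][0])
        parents = [g for _, g in scored[: pop_size // 2]]  # truncation selection
        children = [scored[0][1]]                          # elitism: best survives unchanged
        while len(children) < pop_size:
            a, b = rng.sample(parents, 2)
            child = {k: rng.choice((a[k], b[k])) for k in SPACE}  # uniform crossover
            for k in SPACE:                                        # per-gene mutation
                if rng.random() < mutation_rate:
                    child[k] = rng.choice(SPACE[k])
            children.append(child)
        pop = children
    best_score, best = max(((fitness(g, X, y), g) for g in pop), key=lambda t: t[0])
    return best, best_score, history

if __name__ == "__main__":
    print(evolve(X, y))
```

Because the best chromosome is carried over unchanged, the per-generation best fitness never decreases. On a real corpus, the fitness should be measured on held-out traffic rather than on the data used for the search.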





Rights and permissions
Creative Commons License This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.