Development of an SQL injection detection and prevention model using genetic algorithm

Authors

  • Samson Daniel, Department of Computer Science, University of Calabar, Cross River State, Nigeria
  • Edim Azom Emmanuel, Department of Computer Science, University of Calabar, Cross River State, Nigeria
  • Felix Ukpai Ogban, Department of Computer Science, University of Calabar, Cross River State, Nigeria

DOI:

https://doi.org/10.64497/jssci.152

Keywords:

SQL Injection detection, prevention model, genetic algorithm, web application, hacking, vulnerability, intrusion detection system

Abstract

SQL injection is a common and dangerous attack vector in web applications that allows attackers to execute malicious SQL queries to gain unauthorized access to the database. We aim to develop a more adaptive and resilient system that can dynamically evolve and adapt to new attack patterns. SQL injection detection and prevention has the potential to significantly improve the security of web applications and provide better protection against SQL injection attacks. Intrusion detection and prevention systems (IDPS) play a critical role in safeguarding computer networks from malicious activities and security breaches. Traditional IDPS solutions often struggle to adapt to evolving threats and exhibit limitations in accurately detecting and preventing sophisticated attacks. The approach presented here enhances IDPS capabilities by integrating a hybrid genetic algorithm (HGA). By combining the evolutionary search capabilities of genetic algorithms with the domain-specific knowledge and rules of intrusion detection systems, the proposed HGA offers a robust framework for improving detection accuracy and reducing false positives. The hybridization process involves incorporating genetic operators, such as crossover and mutation, into the rule-based detection mechanisms of IDPS. Additionally, the HGA dynamically adjusts detection thresholds and parameters based on real-time network traffic analysis, enabling adaptive and proactive defense mechanisms against emerging threats.

Published

2026-01-29

How to Cite

Daniel, S., Emmanuel, E. A., & Ogban, F. U. (2026). Development of an SQL injection detection and prevention model using genetic algorithm. Journal of Statistical Sciences and Computational Intelligence, 2(1), 75–80. https://doi.org/10.64497/jssci.152