SQL Injection Attack Detection Based on Error Code Knowledge

SQL injection attacks are a commonly used network attack method. To effectively detect and prevent such attacks, this paper proposes a SQL injection detection method based on a knowledge base of error codes associated with SQL injection. The proposed method is comprised of three main components: a data preprocessing module, an automatic detection feature extraction module, and a design module for the error code knowledge base. Using the error code knowledge base, the input SQL statements are matched in real time. As soon as a successful match is detected, the system promptly identifies it as a SQL injection attack and initiates the necessary response measures. By accumulating new error codes, the detection model can be further trained on new samples, thereby enhancing its recognition ability and expanding the detection range of the model. Based on experimental results, the error code knowledge base method achieves an accuracy of 97.34%. Furthermore, it maintains an accuracy of over 96% when tested on a new data set. When compared to traditional feature detection methods, it shows higher accuracy, precision, and recall rates.