K. J. Somaiya

The rapid development of web applications leads to the security problems related to the web attacks. The detection of these attacks is a critical task specially SQL injection which is the top most web vulnerability. The existing signature based detection approaches lacks the functionality to cope up with the new signatures. Machine Learning (ML) becomes an alternative concept to existing solutions. However readymade labeled dataset or corpus with SQLI patterns is unavailable and also the current existing models have not yet used the feature reduction technique on most dangerous vulnerability logs. These are the well known issues in SQL Injection research. This paper contains an approach in which SQLI logs will be collected & further processed based on ‘TFIDF-Ngram with Singular value decomposition’ approach for dataset preparation and feature engineering. The paper explores the generation and classification of feature reduced SQLI data set from HTTP traffic logs like CSIC-2010 [1] and ECML/PKDD-2007 [2, 3]. The experiments carried out on supervised ML techniques with observed evaluations presented in Confusion Matrix (CM).