SQL Injection Attack Detection Using Fasttext
Keywords:
SQL Injection Attack, Cyber Security, Natural Language Processing, Machine Learning, TF-IDF, Word2Vec, Fasttext
Abstract
SQL injection is a web-based attack, a class of attacks that in recent years has been ranked among the top vulnerabilities in the reports of the most important international network and information security centers.
Fasttext is one of the important tools in the field of natural language processing (NLP). Because it relies on the concept of N-grams, it is able to represent new words outside the text, so-called Out of Vocabulary (OOV) words, and to recognize not only the semantic similarity between words but also the morphological association between them.
In this paper, a model is proposed that uses Fasttext to extract features and the Logistic Regression and Gradient Boost algorithms to detect SQL injection attacks. In addition, two other feature extraction techniques, Word2Vec and TF-IDF, are used for comparison. The results show a clear superiority of Fasttext over its counterparts, with an accuracy of 99.73%, which makes the proposed model the most appropriate model for detecting SQL injection attacks.
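The N-gram property described in the abstract can be seen without a trained model. The following added example (not code from the paper) builds Fasttext-style character n-grams and matches unseen query tokens to known ones by subword overlap. The vocabulary, the sample tokens, the function names and the 0.3 floor are constructed assumptions, and set overlap stands in for learned subword vectors.

```python
from math import sqrt

# Constructed vocabulary standing in for tokens seen during training.
KNOWN_TOKENS = ["select", "union", "from", "where", "users", "password", "sleep"]


def subwords(token, nmin=3, nmax=6):
    """Character n-grams of '<token>' plus the whole word, as fastText builds them.

    fastText additionally hashes each n-gram into a fixed bucket table and learns
    a vector per bucket; both steps are left out of this sketch.
    """
    w = f"<{token.lower()}>"
    grams = {w[i:i + n] for n in range(nmin, nmax + 1) for i in range(len(w) - n + 1)}
    grams.add(w)
    return grams


def similarity(a, b):
    """Cosine similarity between the binary subword sets of two tokens."""
    ga, gb = subwords(a), subwords(b)
    return len(ga & gb) / sqrt(len(ga) * len(gb))


def nearest_known(token, known=KNOWN_TOKENS, floor=0.3):
    """Return (closest known token, similarity), or (None, similarity) below `floor`."""
    best = max(known, key=lambda k: similarity(token, k))
    score = similarity(token, best)
    return (best if score >= floor else None, score)


if __name__ == "__main__":
    # Constructed tokens that a word-level vocabulary has never seen.
    for tok in ["passwords", "pg_sleep", "xyzzy"]:
        match, score = nearest_known(tok)
        print(f"{tok:10} in vocabulary: {tok in KNOWN_TOKENS}  "
              f"nearest: {match}  similarity: {score:.2f}")
```

A word-level lookup finds none of the three tokens, while the subword view still ties `passwords` to `password` and `pg_sleep` to `sleep` and leaves `xyzzy` unmatched.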