文献类型：期刊文献

英文题名：Sql injection detection algorithm based on Bi-LSTM and integrated feature selection

作者：Qin, Qiurong[1];Li, Yueqin[1];Mi, Yajie[1];Shen, Jinhui[1];Wu, Kexin[1];Wang, Zhenzhao[1]

第一作者：Qin, Qiurong

通讯作者：Li, YQ[1]

机构：[1]Beijing Union Univ, Smart City Coll, Beijing 100101, Peoples R China

第一机构：北京联合大学继续教育学院

通讯机构：[1]corresponding author), Beijing Union Univ, Smart City Coll, Beijing 100101, Peoples R China.|[1141733]北京联合大学继续教育学院;[11417]北京联合大学;

年份：2025

卷号：81

期号：4

外文期刊名：JOURNAL OF SUPERCOMPUTING

收录：;EI(收录号：20251218065861);Scopus(收录号：2-s2.0-105000041211);WOS:【SCI-EXPANDED(收录号:WOS:001445205700001)】；

语种：英文

外文关键词：SQL injection; TF-IDF algorithm; Integrated feature selection; Bi-LSTM network

摘要：SQL injection attacks represent a significant web security threat. However, due to their diversity and variability, existing detection methods often suffer from high false alarm rates and low accuracy. To address these challenges, this paper proposes an efficient and lightweight SQL injection detection model, SQLLS, based on a bidirectional long short-term memory network. Initially, the term frequency-inverse document frequency algorithm is employed to convert SQL statements into numerical feature vectors, enabling the extraction of key information and enhancing the model's ability to characterize the input data. Subsequently, an integrated feature selection method, GFC, is presented, which combines multiple techniques to improve both the accuracy and robustness of feature selection. Specifically, gradient boosting regression trees are used to evaluate the importance of each feature, identifying those most significant for classification; Fisher score filters out features that can effectively distinguish between SQL injections and non-injections based on statistical significance; and the chi-square test further evaluates the relevance of the features with respect to the target label, ensuring that the selected features are highly correlated with SQL injection detection. After feature selection, a mixed precision training technique is utilized to reduce memory consumption and enhance training efficiency. To reduce the complexity of the bidirectional long short-term memory model and improve its computational efficiency, this paper introduces a pruning technique that minimizes computational overhead by removing unimportant weight connections, thereby improving the model's operational efficiency. Experimental results demonstrate that the SQLLS model achieves an accuracy of 100%, a low false alarm rate of 0.154%, and significantly shorter running times compared to existing models.