Securing transportation web applications: An AI-driven approach to detect and mitigate SQL injection attacks

Nachaat Mohamed ()
Additional contact information
Nachaat Mohamed: Rabdan Academy, (Homeland Security Department)

Journal of Transportation Security, 2024, vol. 17, issue 1, No 1, 18 pages

Abstract: Abstract Cybersecurity is a critical concern in the transportation sector, where web applications play a pivotal role in managing essential services and sensitive data. Among the various cyber threats, SQL injection attacks pose a significant risk, potentially leading to unauthorized access, data breaches, and disruption of transportation systems. To address this challenge, an advanced approach is proposed that combines Artificial Intelligence (AI) techniques and Natural Language Processing (NLP) to detect and mitigate SQL injection attacks in transportation web applications. In the data collection phase, a comprehensive dataset of real-world attack instances is selected from publicly available sources specializing in cybersecurity datasets. The dataset includes a diverse range of attack vectors and addresses the issue of class imbalance by incorporating both successful and unsuccessful attack attempts. The preprocessing step involves employing NLP techniques to transform the textual input data into a suitable format for AI-based detection. Tokenization, stop-word removal, and stemming are applied to ensure the model effectively analyze and recognize attack patterns. For detection, a logistic regression model is utilized to estimate the probability of a successful SQL injection attack based on the relevant features. Oversampling and undersampling techniques are employed to handle class imbalance and improve the model’s performance. Additionally, feature selection techniques are implemented to reduce noise and enhance pattern recognition. The evaluation of our proposed approach demonstrates a remarkable accuracy detection rate of 99.97%, indicating the model's high capability to identify SQL injection attacks. The precision and recall values further validate the model’s effectiveness in correctly detecting successful attacks and minimizing false positives. The success of our approach lies in its ability to integrate AI and NLP techniques effectively, offering a more robust and reliable solution for detecting and mitigating SQL injection attacks in transportation web applications. By addressing the limitations and exploring future research directions, our approach holds promise in bolstering cybersecurity measures and safeguarding critical transportation infrastructure from evolving cyber threats.

Keywords: AI-based detection; SQL injection attacks; Transportation web applications; Cybersecurity; Natural language processing; Logistic regression; Oversampling; Undersampling; Feature selection; Class imbalance; Pattern recognition (search for similar items in EconPapers)
Date: 2024
References: View references in EconPapers View complete reference list from CitEc
Citations:

Downloads: (external link)
http://link.springer.com/10.1007/s12198-023-00269-x Abstract (text/html)
Access to the full text of the articles in this series is restricted.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:spr:jtrsec:v:17:y:2024:i:1:d:10.1007_s12198-023-00269-x

Ordering information: This journal article can be ordered from
http://www.springer.com/journal/12198

DOI: 10.1007/s12198-023-00269-x

Access Statistics for this article

Journal of Transportation Security is currently edited by Andrew Thomas

More articles in Journal of Transportation Security from Springer
Bibliographic data for series maintained by Sonal Shukla () and Springer Nature Abstracting and Indexing ().