Two-stage SQL Injection Detection Method Using Pattern Matching and Machine Learning

Myeong-Gyu Eo; Sanghoon Jeon

Two-stage SQL Injection Detection Method Using Pattern Matching and Machine Learning

Myeong-Gyu Eo

Sanghoon Jeon

Vol. 51, No. 1, pp. 35-44, Jan. 2026

10.7840/kics.2026.51.1.35

PDF Full-Text

Abstract

SQL injection is a major security threat in web applications. Existing detection methods are limited by a structural trade-off: fast detection comes at the cost of lower accuracy, while higher accuracy results in slower detection. To address this, we propose a two-stage detection (TSD) framework that combines pattern matching in the first stage with machine learning in the second stage. In the TSD framework, known attacks are rapidly filtered through pattern matching, and undetected queries are analyzed in detail using a machine learning model. Experiments using the Kaggle SQL Injection Dataset showed that TSD consistently increased recall across all models (Random Forest, Support Vector Machine, Logistic Regression XGBoost) compared to standalone machine learning, while also reducing detection time. This paper presents a practical solution for real-time SQL injection detection that simultaneously improves recall and reduces detection latency. Future work will focus on enhancing the practicality through online pattern updates and the expansion of datasets to address diverse attack scenarios.

Statistics

Cumulative Counts from November, 2022
Multiple requests among the same browser session are counted as one view. If you mouse over a chart, the values of data points will be shown.

SeokHyun Moon, Jongbin Lee · Vol. 49, No. 2

Sohee Yoo, Gyuwon Hwang, Jaehyun Yoo · Vol. 50, No. 4

Md Raihan Subhan, Md Mahinur Alam, Mohtasin Golam, Md Facklasur Rahaman, Taesoo Jun · Vol. 50, No. 12

Jeong-Yun Heo, Hyun-Jong Lee, Jae-Han Lim · Vol. 49, No. 6

Love Allen Chijioke Ahakonye, Cosmas Ifeanyi Nwakanma, Jae Min Lee, Dong-Seong Kim · Vol. 49, No. 2

Cite this article

[IEEE Style]

M. Eo and S. Jeon, "Two-stage SQL Injection Detection Method Using Pattern Matching and Machine Learning," The Journal of Korean Institute of Communications and Information Sciences, vol. 51, no. 1, pp. 35-44, 2026. DOI: 10.7840/kics.2026.51.1.35.

[ACM Style]

Myeong-Gyu Eo and Sanghoon Jeon. 2026. Two-stage SQL Injection Detection Method Using Pattern Matching and Machine Learning. The Journal of Korean Institute of Communications and Information Sciences, 51, 1, (2026), 35-44. DOI: 10.7840/kics.2026.51.1.35.

[KICS Style]

Myeong-Gyu Eo and Sanghoon Jeon, "Two-stage SQL Injection Detection Method Using Pattern Matching and Machine Learning," The Journal of Korean Institute of Communications and Information Sciences, vol. 51, no. 1, pp. 35-44, 1. 2026. (https://doi.org/10.7840/kics.2026.51.1.35)

Vol. 51, No. 1 Index

Two-stage SQL Injection Detection Method Using Pattern Matching and Machine Learning

Submenu

Search
(IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

Advanced Search

Recent Publications
(LAST 3 YEARS)

Two-stage SQL Injection Detection Method Using Pattern Matching and Machine Learning

Research on Improving Fetal Health Prediction Model Using Optimal Fetal Feature Selection Technique

Detection of Psychological Risk for Protected Individuals by Using PPG Signals from Smartwatch

Blockchain-Aided Intrusion Detection in Marine Tactical Network Using Reinforcement Learning

Low-Power Intrusion Detection System Using SNNs

AI Model Stability in Industrial IoT Intrusion Detection: Leveraging the Characteristics Stability Index

Submenu

Search (IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

Advanced Search

POPULAR KEYWORDS(TOP 10 KEYWORDS)

Recent Publications(LAST 3 YEARS)

Search
(IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

POPULAR KEYWORDS
(TOP 10 KEYWORDS)

Recent Publications
(LAST 3 YEARS)