An investigation of machine learning algorithms for high-bandwidth SQL injection detection utilising BlueField-3 DPU technology

Kasim Tasdemir; Rafiullah Khan; Fahad Siddiqui; Sakir Sezer; Fatih Kurugollu; Alperen Bolat

doi:10.1109/SOCC58585.2023.10256777

An investigation of machine learning algorithms for high-bandwidth SQL injection detection utilising BlueField-3 DPU technology

Kasim Tasdemir
, Rafiullah Khan
, Fahad Siddiqui
, Sakir Sezer
, Fatih Kurugollu
, Alperen Bolat

School of Electronics, Electrical Engineering and Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

5 Citations (Scopus)

Abstract

SQL injection attacks present a significant risk to data center security. Traditional rule-based pattern matching techniques exhibit limitations, such as inability to adapt to new attack types, to give decision confidence and lower detection accuracy. Machine learning (ML) based approaches offer promising alternatives; however, their computational requirements and the increasing volume of network traffic pose challenges for their application in conventional hardware. Data Processing Units (DPUs) have emerged as the tailored computing platform for infrastructure related workloads within data centers including security. This paper evaluates the performance and efficiency of classical ML methods for SQL injection detection utilising computing resources on DPUs.In this study, 20 prominent ML models are tested against a dataset comprising 30,000 SQL payloads, and their performance is compared in a series of experiments. The results indicate that the Passive Aggressive Classifier is the most suitable model for near-real-time detection, achieving a detection latency of approximately 0.3μs/sample with an accuracy of 99.78%. This paper demonstrates that ML methods can be efficiently and effectively deployed on DPUs for SQL injection detection, providing valuable insights into threat intelligence for enhancing data center security. The codes of this study can be found at: https://github.com/gdrlab/dpu-sqli-detection.

Original language	English
Title of host publication	2023 36th IEEE International System-on-Chip Conference: proceedings
Publisher	Institute of Electrical and Electronics Engineers Inc.
Number of pages	6
ISBN (Electronic)	979-8-3503-0011-6
ISBN (Print)	979-8-3503-0012-3
DOIs	https://doi.org/10.1109/SOCC58585.2023.10256777
Publication status	Published - 22 Sept 2023
Event	36th IEEE International System-on-Chip Conference 2023 - Hyatt Regency, Santa Clara, United States Duration: 05 Sept 2023 → 08 Sept 2023 https://www.ieee-socc.org/

Publication series

Name	IEEE International System-on-Chip Conference (SOCC): proceedings
ISSN (Print)	2164-1676
ISSN (Electronic)	2164-1706

Conference

Conference	36th IEEE International System-on-Chip Conference 2023
Abbreviated title	SOCC 2023
Country/Territory	United States
City	Santa Clara
Period	05/09/2023 → 08/09/2023
Internet address	https://www.ieee-socc.org/

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

SDG 9 Industry, Innovation, and Infrastructure
SDG 11 Sustainable Cities and Communities

Keywords

SQL Injection
Attack Detection
Machine Learning
Passive Aggressive Analysis
Data Processing Unit
Network

ASJC Scopus subject areas

Artificial Intelligence
Computer Science Applications
General Engineering
General Computer Science

Access to Document

10.1109/SOCC58585.2023.10256777Licence: Unspecified

https://ieeexplore.ieee.org/document/10256777Licence: Unspecified

Cite this

Tasdemir, K., Khan, R., Siddiqui, F., Sezer, S., Kurugollu, F., & Bolat, A. (2023). An investigation of machine learning algorithms for high-bandwidth SQL injection detection utilising BlueField-3 DPU technology. In 2023 36th IEEE International System-on-Chip Conference: proceedings (IEEE International System-on-Chip Conference (SOCC): proceedings). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SOCC58585.2023.10256777

Tasdemir, Kasim ; Khan, Rafiullah ; Siddiqui, Fahad et al. / An investigation of machine learning algorithms for high-bandwidth SQL injection detection utilising BlueField-3 DPU technology. 2023 36th IEEE International System-on-Chip Conference: proceedings. Institute of Electrical and Electronics Engineers Inc., 2023. (IEEE International System-on-Chip Conference (SOCC): proceedings).

@inproceedings{6e41da51950f4d88bb888983fb0af6c1,

title = "An investigation of machine learning algorithms for high-bandwidth SQL injection detection utilising BlueField-3 DPU technology",

abstract = "SQL injection attacks present a significant risk to data center security. Traditional rule-based pattern matching techniques exhibit limitations, such as inability to adapt to new attack types, to give decision confidence and lower detection accuracy. Machine learning (ML) based approaches offer promising alternatives; however, their computational requirements and the increasing volume of network traffic pose challenges for their application in conventional hardware. Data Processing Units (DPUs) have emerged as the tailored computing platform for infrastructure related workloads within data centers including security. This paper evaluates the performance and efficiency of classical ML methods for SQL injection detection utilising computing resources on DPUs.In this study, 20 prominent ML models are tested against a dataset comprising 30,000 SQL payloads, and their performance is compared in a series of experiments. The results indicate that the Passive Aggressive Classifier is the most suitable model for near-real-time detection, achieving a detection latency of approximately 0.3μs/sample with an accuracy of 99.78\%. This paper demonstrates that ML methods can be efficiently and effectively deployed on DPUs for SQL injection detection, providing valuable insights into threat intelligence for enhancing data center security. The codes of this study can be found at: https://github.com/gdrlab/dpu-sqli-detection.",

keywords = "SQL Injection, Attack Detection, Machine Learning, Passive Aggressive Analysis, Data Processing Unit, Network",

author = "Kasim Tasdemir and Rafiullah Khan and Fahad Siddiqui and Sakir Sezer and Fatih Kurugollu and Alperen Bolat",

year = "2023",

month = sep,

day = "22",

doi = "10.1109/SOCC58585.2023.10256777",

language = "English",

isbn = "979-8-3503-0012-3",

series = "IEEE International System-on-Chip Conference (SOCC): proceedings",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

booktitle = "2023 36th IEEE International System-on-Chip Conference: proceedings",

address = "United States",

note = "36th IEEE International System-on-Chip Conference 2023, SOCC 2023 ; Conference date: 05-09-2023 Through 08-09-2023",

url = "https://www.ieee-socc.org/",

}

Tasdemir, K, Khan, R, Siddiqui, F, Sezer, S, Kurugollu, F & Bolat, A 2023, An investigation of machine learning algorithms for high-bandwidth SQL injection detection utilising BlueField-3 DPU technology. in 2023 36th IEEE International System-on-Chip Conference: proceedings. IEEE International System-on-Chip Conference (SOCC): proceedings, Institute of Electrical and Electronics Engineers Inc., 36th IEEE International System-on-Chip Conference 2023, Santa Clara, California, United States, 05/09/2023. https://doi.org/10.1109/SOCC58585.2023.10256777

An investigation of machine learning algorithms for high-bandwidth SQL injection detection utilising BlueField-3 DPU technology. / Tasdemir, Kasim; Khan, Rafiullah; Siddiqui, Fahad et al.
2023 36th IEEE International System-on-Chip Conference: proceedings. Institute of Electrical and Electronics Engineers Inc., 2023. (IEEE International System-on-Chip Conference (SOCC): proceedings).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - An investigation of machine learning algorithms for high-bandwidth SQL injection detection utilising BlueField-3 DPU technology

AU - Tasdemir, Kasim

AU - Khan, Rafiullah

AU - Siddiqui, Fahad

AU - Sezer, Sakir

AU - Kurugollu, Fatih

AU - Bolat, Alperen

PY - 2023/9/22

Y1 - 2023/9/22

N2 - SQL injection attacks present a significant risk to data center security. Traditional rule-based pattern matching techniques exhibit limitations, such as inability to adapt to new attack types, to give decision confidence and lower detection accuracy. Machine learning (ML) based approaches offer promising alternatives; however, their computational requirements and the increasing volume of network traffic pose challenges for their application in conventional hardware. Data Processing Units (DPUs) have emerged as the tailored computing platform for infrastructure related workloads within data centers including security. This paper evaluates the performance and efficiency of classical ML methods for SQL injection detection utilising computing resources on DPUs.In this study, 20 prominent ML models are tested against a dataset comprising 30,000 SQL payloads, and their performance is compared in a series of experiments. The results indicate that the Passive Aggressive Classifier is the most suitable model for near-real-time detection, achieving a detection latency of approximately 0.3μs/sample with an accuracy of 99.78%. This paper demonstrates that ML methods can be efficiently and effectively deployed on DPUs for SQL injection detection, providing valuable insights into threat intelligence for enhancing data center security. The codes of this study can be found at: https://github.com/gdrlab/dpu-sqli-detection.

AB - SQL injection attacks present a significant risk to data center security. Traditional rule-based pattern matching techniques exhibit limitations, such as inability to adapt to new attack types, to give decision confidence and lower detection accuracy. Machine learning (ML) based approaches offer promising alternatives; however, their computational requirements and the increasing volume of network traffic pose challenges for their application in conventional hardware. Data Processing Units (DPUs) have emerged as the tailored computing platform for infrastructure related workloads within data centers including security. This paper evaluates the performance and efficiency of classical ML methods for SQL injection detection utilising computing resources on DPUs.In this study, 20 prominent ML models are tested against a dataset comprising 30,000 SQL payloads, and their performance is compared in a series of experiments. The results indicate that the Passive Aggressive Classifier is the most suitable model for near-real-time detection, achieving a detection latency of approximately 0.3μs/sample with an accuracy of 99.78%. This paper demonstrates that ML methods can be efficiently and effectively deployed on DPUs for SQL injection detection, providing valuable insights into threat intelligence for enhancing data center security. The codes of this study can be found at: https://github.com/gdrlab/dpu-sqli-detection.

KW - SQL Injection

KW - Attack Detection

KW - Machine Learning

KW - Passive Aggressive Analysis

KW - Data Processing Unit

KW - Network

U2 - 10.1109/SOCC58585.2023.10256777

DO - 10.1109/SOCC58585.2023.10256777

M3 - Conference contribution

SN - 979-8-3503-0012-3

T3 - IEEE International System-on-Chip Conference (SOCC): proceedings

BT - 2023 36th IEEE International System-on-Chip Conference: proceedings

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 36th IEEE International System-on-Chip Conference 2023

Y2 - 5 September 2023 through 8 September 2023

ER -

Tasdemir K, Khan R, Siddiqui F, Sezer S, Kurugollu F, Bolat A. An investigation of machine learning algorithms for high-bandwidth SQL injection detection utilising BlueField-3 DPU technology. In 2023 36th IEEE International System-on-Chip Conference: proceedings. Institute of Electrical and Electronics Engineers Inc. 2023. (IEEE International System-on-Chip Conference (SOCC): proceedings). doi: 10.1109/SOCC58585.2023.10256777

An investigation of machine learning algorithms for high-bandwidth SQL injection detection utilising BlueField-3 DPU technology

Abstract

Publication series

Conference

UN SDGs

Keywords

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this