Combining Regular Expressions and Machine Learning for SQL Injection Detection in Urban Computing




Security, Injection, Machine Learning, Regex


Given the vast amount of data generated in urban environments the rapid advancements in information technology urban environments and the continual advancements in information technology, several online urban services have emerged in recent years. These services employ relational databases to store the collected data, thereby making them vulnerable to potential threats, including SQL Injection (SQLi) attacks. Hence, there is a demand for security solutions that improve detection efficiency and satisfy the response time and scalability requirements of this detection process. Based on this existing demand, this article proposes an SQLi detection solution that combines Regular Expressions (RegEx) and Machine Learning (ML), called Two Layer approach of SQLi Detection (2LD-SQLi). The RegEx acts as a first layer of filtering for protection against SQLi inputs, improving the response time of 2LD-SQLi through RegEx filtering. From this filtering, it is analyzed by an ML model to detect SQLi, increasing the accuracy. Experiments, using a real dataset, suggest that 2LD-SQLi is suitable for detecting SQLi while meeting the efficiency and scalability issues.


Download data is not yet available.

Author Biography

Rafael L. Gomes, Universidade Estadual do Ceará (UECE)

Rafael Lopes Gomes is an Associate Professor of State University of Ceará (UECE) and has a Productivity Technological Development and Innovative Extension Scholarship of CNPq (DT - Level 2). Currently, he is the coordinator of the Laboratory of Computer Networks and Security (LARCES). He received a Ph.D degree in Computer Science from the University of Campinas (UNICAMP) in Brazil. He was a research visitor at Network Research Lab from the University of California Los Angeles (UCLA) in 2014. He has experience and R&D projects on the following topics: Network Management, Cybersecurity, Software Defined Networks, Resilience Planning, Wireless Networks and Internet of Things.


Chen, Q., Wang, X., Ye, X., Durrett, G., and Dillig, I. (2020). Multi-modal synthesis of regular expressions. In Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2020, page 487–502, New York, NY, USA. Association for Computing Machinery. DOI: 10.1145/3385412.3385988.

Costa, W. L., Portela, A. L., and Gomes, R. L. (2021). Features-aware ddos detection in heterogeneous smart environments based on fog and cloud computing. International Journal of Communication Networks and Information Security, 13(3):491-498. Available online [link].

Crespo-Martínez, I. S., Campazas-Vega, A., Guerrero-Higueras, Á. M., Riego-DelCastillo, V., Álvarez-Aparicio, C., and Fernández-Llamas, C. (2023). Sql injection attack detection in network flow data. Computers & Security, 127:103093. DOI: 10.1016/j.cose.2023.103093.

da Silva, G., Oliveira, D., Gomes, R. L., Bittencourt, L. F., and Madeira, E. R. M. (2020). Reliable network slices based on elastic network resource demand. In NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium, pages 1-9. DOI: 10.1109/NOMS47738.2020.9110316.

Das, D., Sharma, U., and Bhattacharyya, D. K. (2019). Defeating sql injection attack in authentication security: an experimental study. International Journal of Information Security, 18(1):1-22. DOI: 10.1007/s10207-017-0393-x.

Devalla, V., Srinivasa Raghavan, S., Maste, S., Kotian, J. D., and Annapurna, D. D. (2022). murli: A tool for detection of malicious urls and injection attacks. Procedia Computer Science, 215:662-676. 4th International Conference on Innovative Data Communication Technology and Application. DOI: 10.1016/j.procs.2022.12.068.

Fadolalkarim, D., Bertino, E., and Sallam, A. (2020). An anomaly detection system for the protection of relational database systems against data leakage by application programs. In 2020 IEEE 36th International Conference on Data Engineering (ICDE), pages 265-276. DOI: 10.1109/ICDE48307.2020.00030.

Geldenhuys, M. K., Will, J., Pfister, B. J. J., Haug, M., Scharmann, A., and Thamsen, L. (2021). Dependable iot data stream processing for monitoring and control of urban infrastructures. In 2021 IEEE International Conference on Cloud Engineering (IC2E), pages 244-250. DOI: 10.1109/IC2E52221.2021.00041.

Gomes, R. L., Bittencourt, L. F., and Madeira, E. R. M. (2020). Reliability-aware network slicing in elastic demand scenarios. IEEE Communications Magazine, 58(10):29-34. DOI: 10.1109/MCOM.001.2000753.

Gowtham, M. and Pramod, H. B. (2022). Semantic query-featured ensemble learning model for sql-injection attack detection in iot-ecosystems. IEEE Transactions on Reliability, 71(2):1057-1074. DOI: 10.1109/TR.2021.3124331.

Hosam, E., Hosny, H., Ashraf, W., and Kaseb, A. S. (2021). Sql injection detection using machine learning techniques. In 2021 8th International Conference on Soft Computing Machine Intelligence (ISCMI), pages 15-20. DOI: 10.1109/ISCMI53840.2021.9654820.

Li, Q., Li, W., Wang, J., and Cheng, M. (2019). A sql injection detection method based on adaptive deep forest. IEEE Access, 7:145385-145394. DOI: 10.1109/ACCESS.2019.2944951.

Lv, Z., Hu, B., and Lv, H. (2020). Infrastructure monitoring and operation for smart cities based on iot system. IEEE Transactions on Industrial Informatics, 16(3):1957-1962. DOI: 10.1109/TII.2019.2913535.

Moreira, D. A. B., Marques, H. P., Costa, W. L., Celestino, J., Gomes, R. L., and Nogueira, M. (2021). Anomaly detection in smart environments using ai over fog and cloud computing. In 2021 IEEE 18th Annual Consumer Communications Networking Conference (CCNC), pages 1-2. DOI: 10.1109/CCNC49032.2021.9369449.

Musznicki, B., Piechowiak, M., and Zwierzykowski, P. (2022). Modeling real-life urban sensor networks based on open data. Sensors, 22(23). DOI: 10.3390/s22239264.

Parashar, D., Sanagavarapu, L. M., and Reddy, Y. R. (2021). Sql injection vulnerability identification from text. In 14th Innovations in Software Engineering Conference (Formerly Known as India Software Engineering Conference), ISEC 2021, New York, NY, USA. Association for Computing Machinery. DOI: .

Portela, A. L., Menezes, R. A., Costa, W. L., Silveira, M. M., Bittecnourt, L. F., and Gomes, R. L. (2023). Detection of iot devices and network anomalies based on anonymized network traffic. In NOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium, pages 1-6. DOI: 10.1109/NOMS56928.2023.10154276.

Portela, A. L. C., Ribeiro, S. E. S. B., Menezes, R. A., de Araujo, T., and Gomes, R. L. (2024). T-for: An adaptable forecasting model for throughput performance. IEEE Transactions on Network and Service Management, pages 1-1. DOI: 10.1109/TNSM.2024.3349701.

Rahul, S., Vajrala, C., and Thangaraju, B. (2021). A novel method of honeypot inclusive waf to protect from sql injection and xss. In 2021 International Conference on Disruptive Technologies for Multi-Disciplinary Research and Applications (CENTCON), volume 1, pages 135-140. DOI: 10.1109/CENTCON52345.2021.9688059.

Rizvi, S., Kurtz, A., Pfeffer, J., and Rizvi, M. (2018). Securing the internet of things (iot): A security taxonomy for iot. In 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), pages 163-168. DOI: 10.1109/TrustCom/BigDataSE.2018.00034.

Rodrigues, D. O., Santos, F. A., Filho, G. P. R., Akabane, A. T., Cabral, R., Immich, R., Junior, W. L., Cunha, F. D., Guidoni, D. L., Silva, T. H., Rosário, D., Cerqueira, E., Loureiro, A. A. F., and Villas, L. A. (2019). Computacc ao urbana da teoria `a pr'atica: Fundamentos, aplicacc oes e desafios.

Roy, P., Kumar, R., and Rani, P. (2022). Sql injection attack detection by machine learning classifier. In 2022 International Conference on Applied Artificial Intelligence and Computing (ICAAIC), pages 394-400. DOI: 10.1109/ICAAIC53929.2022.9792964.

Silveira, M. M., Portela, A. L., Menezes, R. A., Souza, M. S., Silva, D. S., Mesquita, M. C., and Gomes, R. L. (2023). Data protection based on searchable encryption and anonymization techniques. In NOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium, pages 1-5. DOI: 10.1109/NOMS56928.2023.10154280.

Souza, M., Ribeiro, S., and Gomes, R. (2023). Detecção de ameaças de injeção de sql em serviços de computação urbana. In Anais do VII Workshop de Computação Urbana, pages 145-158, Porto Alegre, RS, Brasil. SBC. DOI: 10.5753/courb.2023.801.

Tang, P., Qiu, W., Huang, Z., Lian, H., and Liu, G. (2020). Detection of sql injection based on artificial neural network. Knowledge-Based Systems, 190:105528. DOI: 10.1016/j.knosys.2020.105528.

Xie, X., Ren, C., Fu, Y., Xu, J., and Guo, J. (2019). Sql injection detection for web applications based on elastic-pooling cnn. IEEE Access, 7:151475-151481. DOI: 10.1109/ACCESS.2019.2947527.

Ye, X., Chen, Q., Wang, X., Dillig, I., and Durrett, G. (2020). Sketch-Driven Regular Expression Generation from Natural Language and Examples. Transactions of the Association for Computational Linguistics, 8:679-694. DOI: 10.1162/tacl_a_00339.




How to Cite

Souza, M. S., Ribeiro, S. E. S. B., Lima, V. C., Cardoso, F. J., & Gomes, R. L. (2024). Combining Regular Expressions and Machine Learning for SQL Injection Detection in Urban Computing. Journal of Internet Services and Applications, 15(1), 103–111.



Special Call: Best or CoUrb/SBRC 2023