- Sajidah Shahadha Mahmood
Department of Radio and Television Journalism, College of Mass Media, University of Al Iraqia, Baghdad, Iraq.
sajidah.sh.mahmood@aliraqia.edu.iq, ORCID: 0000-0003-2010-917X
ISSN: 2182-2069 (printed) / ISSN: 2182-2077 (online)
SQL Injection Detection Using Machine Learning and Explainability
SQL injection (SQLi) remains a significant cybersecurity threat, enabling attackers to gain unauthorized access to databases and manipulate sensitive information. Traditional detection methods, such as signature-based and heuristic approaches, often fail to recognize novel and evolving attack patterns, making them less effective against emerging threats. This study proposes an advanced machine learning (ML) approach to enhance SQLi detection by evaluating XGBoost, Support Vector Machine (SVM), and ensemble learning techniques. Specifically, we assess the performance of Stacking Ensemble and Soft Voting Ensemble on two publicly available SQLi datasets, measuring accuracy, precision, recall, and F1-score to ensure a comprehensive evaluation. Our findings indicate that XGBoost achieves high accuracy and precision, while ensemble techniques, particularly Stacking Ensemble, demonstrate improved overall performance by leveraging the strengths of multiple classifiers. Additionally, we employ Local Interpretable Model-agnostic Explanations (LIME) to enhance the interpretability of the ML models, providing insights into the key features influencing classification decisions. Despite the promising results, challenges such as data imbalance and potential overfitting are considered and discussed. This research contributes to the development of more robust and interpretable ML-based SQLi detection systems, aiming to improve the security of modern web applications.