An Investigation of Machine Learning Algorithms for High-bandwidth SQL Injection Detection Utilising BlueField-3 DPU Technology

Bibliographic Details
Published in: 2023 IEEE 36th International System-on-Chip Conference (SOCC), pp. 1-6
Main Authors: Tasdemir, Kasim; Khan, Rafiullah; Siddiqui, Fahad; Sezer, Sakir; Kurugollu, Fatih; Bolat, Alperen
Format: Conference Proceeding
Language: English
Published: IEEE 05.09.2023
Summary: SQL injection attacks present a significant risk to data center security. Traditional rule-based pattern matching techniques exhibit limitations, such as inability to adapt to new attack types, to give decision confidence and lower detection accuracy. Machine learning (ML) based approaches offer promising alternatives; however, their computational requirements and the increasing volume of network traffic pose challenges for their application in conventional hardware. Data Processing Units (DPUs) have emerged as the tailored computing platform for infrastructure related workloads within data centers including security. This paper evaluates the performance and efficiency of classical ML methods for SQL injection detection utilising computing resources on DPUs. In this study, 20 prominent ML models are tested against a dataset comprising 30,000 SQL payloads, and their performance is compared in a series of experiments. The results indicate that the Passive Aggressive Classifier is the most suitable model for near-real-time detection, achieving a detection latency of approximately 0.3 μs/sample with an accuracy of 99.78%. This paper demonstrates that ML methods can be efficiently and effectively deployed on DPUs for SQL injection detection, providing valuable insights into threat intelligence for enhancing data center security. The codes of this study can be found at: https://github.com/gdrlab/dpu-sqli-detection.
ISSN: 2164-1706
DOI: 10.1109/SOCC58585.2023.10256777