AI-Driven SQL Injection Prevention: Strengthening Database Security
DOI:
https://doi.org/10.53555/ephijse.v11i1.285Keywords:
SQL Injection, AI-based Security, Database ProtectionAbstract
Still a common & serious cybersecurity threat, SQL injection allows the attackers to change database searches & gain illegal access to private information. Although they typically prove insufficient against emerging attack strategies, conventional security measures such as input validation and parameterized searches help to reduce risk. In this sense, artificial intelligence (AI) is transforming database security. Artificial intelligence can find anomalies, quickly identify likely hazards, and project attack paths before they materialize by means of machine learning and behavioral analysis. Unlike conventional rule-based systems, artificial intelligence is always changing to meet new challenges, hence it is a useful tool for improving the defenses against SQL injection. The ability of AI-driven security models to significantly reduce the SQL injection vulnerabilities is investigated in this work. Using AI-driven detection and preventative solutions helps to show an 80% decrease in successful SQL injection attempts. Artificial intelligence evaluates database query patterns and precisely and fast distinguishes between safe and harmful inputs, therefore improving security. Moreover, AI-driven systems can independently control risks, hence lowering reliance on human response times and intervention. Artificial intelligence offers companies trying to protect their data from misuse a proactive and scalable answer as cyber threats develop more complicated. This paper provides a pragmatic analysis of modern security solutions, investigates the possibility of artificial intelligence to restrict SQL injection, and clarifies the science behind their use. Strong database protection provided by the AI-driven security helps companies to proactively reduce risks & guarantee continuous operations by means of the counter measures.
References
Ferrari, Andrea. "AI-Enhanced Intrusion Detection Systems for Protecting SQL and NoSQL Databases from Cyber Threats." Advances in Computer Sciences 6.1 (2023).
Kaul, Deepak, and Rahul Khurana. "AI to detect and mitigate security vulnerabilities in APIs: encryption, authentication, and anomaly detection in enterprise-level distributed systems." Eigenpub Review of Science and Technology 5.1 (2021): 34-62.
Kenzie, Florence. "Integrating Artificial Intelligence with Database Technologies: A New Frontier in Cybersecurity." (2021).
Komaragiri, Venkata Bhardwaj, and Andrew Edward. "AI-Driven Vulnerability Management and Automated Threat Mitigation." International Journal of Scientific Research and Management (IJSRM) 10.10 (2022): 981-998.
Vance, Taylor Rodriguez. "Examination of Applications of Artificial Intelligence in Cybersecurity: Strengthening National Defense with AI."
Kumari, Aparna, et al. "AI-empowered attack detection and prevention scheme for smart grid system." Mathematics 10.16 (2022): 2852.
Ricol, Jason. "AI for Secure Software Development: Identifying and Fixing Vulnerabilities with Machine Learning." (2022).
Krishnamurthy, Oku. "Enhancing Cyber Security Enhancement Through Generative AI." International Journal of Universal Science and Engineering 9.1 (2023): 35-50.
Kasula, Vinay Kumar, et al. "Enhancing financial cybersecurity: An AI-driven framework for safeguarding digital assets." (2022).
Williams, Patricia AH, and Andrew J. Woodward. "Cybersecurity vulnerabilities in medical devices: a complex environment and multifaceted problem." Medical Devices: Evidence and Research (2015): 305-316.
Hyatt, Derrick. "Web 2.0 injection infection vulnerability class." Information Security Journal: A Global Perspective 18.5 (2009): 213-223.
Le Grand, Charles, and Dan Sarel. "Database access, security, and auditing for PCI compliance." EDPAC: The EDP Audit, Control, and Security Newsletter 37.4-5 (2008): 6-32.
Choraś, Michał. "Comprehensive approach to information sharing for increased network security and survivability." Cybernetics and Systems 44.6-7 (2013): 550-568.
Njenga, Kennedy, and Irwin Brown. "Conceptualising improvisation in information systems security." European journal of information systems 21.6 (2012): 592-607.
Collins, Sean, and Stephen McCombie. "Stuxnet: the emergence of a new cyber weapon and its implications." Journal of Policing, Intelligence and Counter Terrorism 7.1 (2012): 80-91.
