一种基于大语言模型的SQL注入攻击检测方法

doi:10.3969/j.issn.1671-1122.2023.11.009

摘要/Abstract

摘要：

SQL注入攻击是一种被攻击者广泛使用的网络攻击手段，严重威胁网络空间安全。传统的SQL注入攻击检测方法主要有基于规则和基于机器学习两种，这些方法存在泛用性较差且误报率高的问题。文章提出一种基于大语言模型的SQL注入攻击检测方法，利用提示工程和指令微调技术，得到SQL注入攻击检测专用大语言模型；通过分析迭代轮数、微调样本数以及推理参数对模型性能的影响，探索提升大语言模型检测能力的途径；依托大语言模型强大的语义理解能力，降低检测误报率。对文章所提的SQL注入攻击检测专用大语言模型在Kaggle数据集上进行实验分析，结果表明其准确率达到99.85%以上，误报率低于0.2%，F1值达到0.999，相较于目前较先进的SQL注入攻击检测方法，在检测性能上有较大提升。

关键词: SQL注入攻击, 攻击检测, 大语言模型, 提示工程, 指令微调

Abstract:

The SQL injection attack, widely employed by attackers, poses a significant threat to cyberspace security. Traditional detection methods for SQL injection attacks include rule-based and machine learning-based method, suffering from limited applicability and high false positive rates. This paper proposed a large language model-based method for detecting SQL injection attacks. By applying prompt engineering and instruction fine-tuning techniques, a specialized large language model for SQL injection attack detection was developed; Additionally, the impact of iteration rounds, the number of fine-tuning samples and inference parameters on model performance was analyzed to enhance the detection capability of large language models; Leveraging the robust semantic understanding capability of the large language model significantly reduced the false positive rate. This paper conduct experimental analysis on a specialized large language model for SQL injection attack detection that we proposed, using the Kaggle dataset. The model achievedes an accuracy rate of over 99.85%, a false alarm rate of less than 0.2%, and an F1 score of 0.999. Compared to the current state-of-the-art methods for SQL injection attack detection, our model demonstrates a significant improvement in detection performance.

Key words: SQL injection attack, attack detection, large language model, prompt engineering, instruction tuning

中图分类号:

TP309

黄恺杰, 王剑, 陈炯峄. 一种基于大语言模型的SQL注入攻击检测方法[J]. 信息网络安全, 2023, 23(11): 84-93.

HUANG Kaijie, WANG Jian, CHEN Jiongyi. A Large Language Model Based SQL Injection Attack Detection Method[J]. Netinfo Security, 2023, 23(11): 84-93.

图/表 13

图1

图2

图3

表1

图4

表2

图5

图6

图7

图8

表3

表4

表5

参考文献 36

[1]	LU Dongzhe, FEI Jinlong, LIU Long. A Semantic Learning-Based SQL Injection Attack Detection Technology[J]. Electronics, 2023, 12: 1344-1356. doi: 10.3390/electronics12061344 URL
[2]	CLARKE J, FOWLER K, OFTEDAL E, et al. SQL Injection Attacks and Defense[M]. Ohio: Syngress, 2009.
[3]	OWASP. OWASP Top Ten[EB/OL]. (2023-05-25)[2023-08-12]. https://owasp.org/Top10/.
[4]	UWAGBOLE S O, BUCHANAN W J, FAN Lu. An Applied Pattern-Driven Corpus to Predictive Analytics in Mitigating SQL Injection Attack[C]// IEEE. Proceedings of the 2017 Seventh International Conference on Emerging Security Technologies (EST). New York: IEEE, 2017: 12-17.
[5]	UWAGBOLE S O, BUCHANAN W J, FAN Lu. Applied Machine Learning Predictive Analytics to SQL Injection Attack Detection and Prevention[C]// IEEE. Proceedings of the 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM). New York: IEEE, 2017: 1087-1090.
[6]	GU Haifeng, ZHANG Jianning, LIU Tian, et al. DIAVA: A Traffic-Based Framework for Detection of SQL Injection Attacks and Vulnerability Analysis of Leaked Data[J]. IEEE Transactions on Reliability, 2020, 69(1): 188-202. doi: 10.1109/TR.24 URL
[7]	LIVSHITS V B, LAM M S. Finding Security Vulnerabilities in Java Applications with Static Analysis[C]// USENIX. Proceedings of the 14th Conference on USENIX Security Symposium. New York: USENIX Association, 2005: 18-29.
[8]	PROKHORENKO V, CHOO K-K R, ASHMAN H. Web Application Protection Techniques: A Taxonomy[J]. Journal of Network and Computer Applications, 2016, 60: 95-112. doi: 10.1016/j.jnca.2015.11.017 URL
[9]	HASAN M, BALBAHAITH Z, TARIQUE M. Detection of SQL Injection Attacks: A Machine Learning Approach[C]// IEEE. Proceedings of the 2019 International Conference on Electrical and Computing Technologies and Applications (ICECTA). New York: IEEE, 2019: 1-6.
[10]	LI Hongling, ZOU Jianxin. Research of SQL Injection Detection Based on SVM and Text Feature Extraction[J]. Netinfo Security, 2017, 17(12): 40-46.
	李红灵, 邹建鑫. 基于SVM和文本特征向量提取的SQL注入检测研究[J]. 信息网络安全, 2017, 17(12): 40-46.
[11]	FAROOQ U. Ensemble Machine Learning Approaches for Detection of SQL Injection Attack[J]. Tehnicki Glasnik, 2021, 15(1): 112-120.
[12]	GOWTHAM M, PRAMOD H B. Semantic Query-Featured Ensemble Learning Model for SQL-Injection Attack Detection in IoT-Ecosystems[J]. IEEE Transactions on Reliability, 2022, 71(2): 1057-1074. doi: 10.1109/TR.2021.3124331 URL
[13]	TANG Peng, QIU Weidong, HUANG Zheng, et al. Detection of SQL Injection Based on Artificial Neural Network[J]. Knowledge-Based Systems, 2020, 190: 1-12.
[14]	BROWN T B, MANN B, RYDER N, et al. Language Models are Few-Shot Learners[EB/OL]. (2020-05-01)[2023-08-12]. https://ui.adsabs.harvard.edu/abs/2020arXiv200514165B.
[15]	RADFORD A, WU J, CHILD R, et al. Language Models are Unsupervised Multitask Learners[EB/OL]. (2019-02-27)[2023-08-12]. https://cdn.openai.com/better-language-models/language_models_are_unsupervised_multitask_learners.pdf.
[16]	JIAO Wenxiang, WANG Wenxuan, HUANG J, et al. Is ChatGPT a Good Translator? Yes with GPT-4 as The Engine[EB/OL]. (2023-05-19)[2023-08-12]. https://arxiv.org/pdf/2301.08745.pdf.
[17]	SANTIAGO E. AI in Content Creation: How Creators and Marketers are Using It Data[EB/OL]. (2023-04-17)[2023-08-12]. https://blog.hubspot.com/marketing/ai-in-content-marketing.
[18]	KEARY T. 12 Practical Large Language Model (LLM) Applications[EB/OL]. (2023-07-14)[2023-08-12]. https://www.techopedia.com/12-practical-large-language-model-llm-applications.
[19]	LAMB A. A Brief Introduction to Generative Models[EB/OL]. (2021-02-27)[2023-08-12]. https://arxiv.org/abs/2103.00265.
[20]	WEI J, BOSMA M, ZHAO V, et al. Finetuned Language Models are Zero-Shot Learners[EB/OL]. (2022-02-08)[2023-08-12]. https://arxiv.org/abs/2109.01652.
[21]	SYED S. SQL Injection Dataset[EB/OL]. (2021-09-09)[2023-08-12]. https://www.kaggle.com/datasets/syedsaqlainhussain/sql-injection-dataset.
[22]	ZHANG Wei, LI Yueqin, LI Xiaofeng, et al. Deep Neural Network-Based SQL Injection Detection Method[J]. Security and Communication Networks, 2022, 22: 1-9.
[23]	ROY P, KUMAR R, RANI P. SQL Injection Attack Detection by Machine Learning Classifier[C]// IEEE. Proceedings of the 2022 International Conference on Applied Artificial Intelligence and Computing (ICAAIC). New York: IEEE, 2022: 394-400.
[24]	OpenAI. Completion-OpenAI API[EB/OL]. [2023-08-12]. https://beta.openai.com/docs/guides/completion/prompt-design.
[25]	TAORI R, GULRAJANI I, ISHAAN G, et al. Stanford Alpaca: An Instruction-Following LLaMA Model[EB/OL]. (2023-05-30)[2023-08-12]. https://github.com/tatsu-lab/stanford_alpaca.
[26]	CHEN M, TWOEK J, JUN H, et al. Evaluating Large Language Models Trained on Code[EB/OL]. (2021-07-14)[2023-08-12]. https://arxiv.org/abs/2107.03374.
[27]	HU E J, SHEN Yelong, WALLIS P, et al. LoRA: Low-Rank Adaptation of Large Language Models[EB/OL]. (2021-06-17)[2023-08-12]. https://arxiv.org/abs/2106.09685.
[28]	NEIL H, ANDREI G, STANISLAW J, et al. Parameter-Efficient Transfer Learning for NLP[EB/OL]. (2019-06-13)[2023-08-12]. https://arxiv.org/pdf/1902.00751.pdf.
[29]	XIANG L L, PERCY L. Prefix-Tuning: Optimizing Continuous Prompts for Generation[EB/OL]. (2021-01-01)[2023-08-12]. https://browse.arxiv.org/pdf/2101.00190.pdf.
[30]	PEARCE H A, TAN B, AHMAD B, et al. Examining Zero-Shot Vulnerability Repair with Large Language Models[C]// IEEE. 44th IEEE Symposium on Security and Privacy. New York: IEEE, 2023: 2339-2356.
[31]	GRORGI G. Llama. cpp.[2023-08-12]. https://github.com/ggerganov/llama.cpp.
[32]	CARLOS M, ADRIAN W, LUCA A, et al. Lightning-AI/lit-llama: Implementation of the LLaMA Language Model Based on NanoGPT[EB/OL]. (2023-07-19)[2023-08-12]. https://github.com/Lightning-AI/lit-llama.
[33]	RAFFEL C, SHAZEER N, ROBERTS A, et al. Exploring the Limits of Transfer Learning with a Unified Text-to-Text Transformer[J]. Juornal of Machine Learning Research, 2020, 21(1): 1-53.
[34]	HUGO T, THUBAUT L, GATIER I, et al. LLaMA: Open and Efficient Foundation Language Models[EB/OL]. (2023-02-27)[2023-08-12]. https://arxiv.org/pdf/2302.13971.pdf.
[35]	LI Qi, LI Weishi, WANG Junfeng, et al. A SQL Injection Detection Method Based on Adaptive Deep Forest[J]. IEEE Access, 2019, 7: 145385-145394. doi: 10.1109/ACCESS.2019.2944951
[36]	GUO Chun, CAI Wenyan, SHEN Guowei, et al. Research on SQL Injection Attacks Detection Method Based on the Truncated Key Payload[J]. Netinfo Security, 2021, 21(7): 43-53.
	郭春, 蔡文艳, 申国伟, 等. 基于关键载荷截取的SQL注入攻击检测方法[J]. 信息网络安全, 2021, 21(7): 43-53.

关键字	映射标签
Yes, True, 1	SQL注入攻击类
No, False, 0	非SQL注入攻击类
其他	未知

样本类别	训练集/条	测试集/条	验证集/条
SQL注入攻击样本	8000	2000	200
非SQL注入攻击样本	8000	2000	200

模型	迭代轮数/轮	微调样本数/个	Temperature	Top P
SQLLM-7B	134400	16000	1.0	0.75
SQLLM-13B	134400	16000	0.4	0.75

方法	准确率	误报率	F1值
文献[11]方法	99.30%	0.70%	0.993
文献[12]方法	98.00%	未知	0.989
文献[22]方法	96.00%	3.84%	0.947
文献[23]方法	98.30%	2.29%	0.970
SQLLM-7B	99.85%	0.10%	0.999
SQLLM-13B	99.90%	0.20%	0.999

方法	模型	单个样本时间开销/ms
文献[13]方法	MLP	74.00
文献[35]方法	随机森林	2.94
文献[36]方法	Word2vec+KNN	13.30
SQLLM-7B	LLaMA2-7B	176.10
SQLLM-13B	LLaMA2-13B	295.60