Printed from https://ideas.repec.org/a/aac/ijirss/v8y2025i3p2759-2773id7077.html

An integrated AI-blockchain framework for securing web applications, mitigating SQL injection, model poisoning, and IoT spoofing attacks

Author

Listed:
  • Rami Almatarneh
  • Mohammad Aljaidi
  • Ayoub Alsarhan
  • Sami Aziz Alshammari
  • Fahd Alhamazani
  • Ahmed Badi Alshammari

Abstract

The rapid evolution of Web 4.0, characterized by decentralized systems, real-time data processing, and AI-driven interfaces, presents serious security threats such as SQL injection (SQLi) attacks, adversarial model poisoning, and IoT device spoofing. This paper presents a unified AI-blockchain framework designed to address these vulnerabilities, incorporating bidirectional LSTM networks for SQLi detection, Trimmed Mean aggregation with a reputation system for model poisoning defense, and CNN-based IoT authentication anchored to a decentralized blockchain. Evaluated on the Bitcoin OTC trust network, the framework clearly shows outstanding performance, with SQLi detection achieving 96.2% accuracy (94.8% precision and 92.5% recall), far outperforming traditional rule-based systems such as Snort (82.1% accuracy). The success rate of model poisoning attacks is reduced from 78% (in the absence of defense) to just 12% through the application of Trimmed Mean aggregation and dynamic reputation scoring, while IoT spoofing detection attains a 91.3% F1-score through cosine similarity-based matching of network traffic embeddings. The blockchain layer, which uses Delegated Proof-of-Stake (DPoS) consensus, achieves 1,450 transactions per second (TPS) with a validation latency of only 220 milliseconds, ensuring efficient real-time auditability. Furthermore, user trust scores increased by 48% after implementation (4.3/5 vs. 2.9/5 before implementation), confirming the framework's practical impact. Nevertheless, some limitations still persist, such as the 15% latency overhead due to federated learning and the use of synthetic IoT data, which may limit or reduce the framework's real-world applicability. The proposed combination of AI-based adaptive threat detection and blockchain-based tamper-proof transparency will pave the way for secure, user-focused architectures in Web 4.0, providing a scalable framework to address the evolving cyber threats in decentralized environments.

Suggested Citation

  • Rami Almatarneh & Mohammad Aljaidi & Ayoub Alsarhan & Sami Aziz Alshammari & Fahd Alhamazani & Ahmed Badi Alshammari, 2025. "An integrated AI-blockchain framework for securing web applications, mitigating SQL injection, model poisoning, and IoT spoofing attacks," International Journal of Innovative Research and Scientific Studies, Innovative Research Publishing, vol. 8(3), pages 2759-2773.
  • Handle: RePEc:aac:ijirss:v:8:y:2025:i:3:p:2759-2773:id:7077

    Download full text from publisher

    File URL: https://ijirss.com/index.php/ijirss/article/view/7077/1466
    Download Restriction: no
