Securing transportation web applications: An AI-driven approach to detect and mitigate SQL injection attacks

Cybersecurity is a critical concern in the transportation sector, where web applications play a pivotal role in managing essential services and sensitive data. Among the various cyber threats, SQL injection attacks pose a significant risk, potentially leading to unauthorized access, data breaches, and disruption of transportation systems. To address this challenge, an advanced approach is proposed that combines Artificial Intelligence (AI) techniques and Natural Language Processing (NLP) to detect and mitigate SQL injection attacks in transportation web applications. In the data collection phase, a comprehensive dataset of real-world attack instances is selected from publicly available sources specializing in cybersecurity datasets. The dataset includes a diverse range of attack vectors and addresses the issue of class imbalance by incorporating both successful and unsuccessful attack attempts. The preprocessing step involves employing NLP techniques to transform the textual input data into a suitable format for AI-based detection. Tokenization, stop-word removal, and stemming are applied to ensure the model effectively analyze and recognize attack patterns. For detection, a logistic regression model is utilized to estimate the probability of a successful SQL injection attack based on the relevant features. Oversampling and undersampling techniques are employed to handle class imbalance and improve the model’s performance. Additionally, feature selection techniques are implemented to reduce noise and enhance pattern recognition. The evaluation of our proposed approach demonstrates a remarkable accuracy detection rate of 99.97%, indicating the model's high capability to identify SQL injection attacks. The precision and recall values further validate the model’s effectiveness in correctly detecting successful attacks and minimizing false positives. The success of our approach lies in its ability to integrate AI and NLP techniques effectively, offering a more robust and reliable solution for detecting and mitigating SQL injection attacks in transportation web applications. By addressing the limitations and exploring future research directions, our approach holds promise in bolstering cybersecurity measures and safeguarding critical transportation infrastructure from evolving cyber threats.