Publication Date

Spring 2019

Degree Type

Master's Project

Degree Name

Master of Science (MS)


Computer Science

First Advisor

Robert Chun

Second Advisor

Nada Attar

Third Advisor

Terence Runge


SQL Injection Attack, Machine Learning Classifier


Sharing information over the Internet over multiple platforms and web-applications has become a quite common phenomenon in the recent times. The web-based applications that accept critical information from users store this information in databases. These applications and the databases connected to them are susceptible to all kinds of information security threats due to being accessible through the Internet. The threats include attacks such as Cross Side Scripting (CSS), Denial of Service Attack (DoS0, and Structured Query Language (SQL) Injection attacks. SQL Injection attacks fall under the top ten vulnerabilities when we talk about web-based applications. Through this kind of attack, the attacker can steal critical and confidential information and hence it could have damaging effects on a business or organization. The effects could range from monetary loss, leaking confidential business information, decrease in company’s stock market value or any combination of these. In this paper we have used an algorithm called Gradient Boosting Classifier from ensemble machine learning approaches to classify and detect SQL Injection attacks.