학술논문
NoSQL Injection Detection Using Deep Neural Network and Principal Component Analysis of Injection Feature Vectors
Document Type
Conference
Source
2024 International Conference on Computer, Control, Informatics and its Applications (IC3INA) Computer, Control, Informatics and its Applications (IC3INA), 2024 International Conference on. :54-59 Oct, 2024
Subject
Language
ISSN
2994-5925
Abstract
NoSQL database has gained popularity in Big Data and other various applications for its simplicity and flexibility. The non-relational nature of NoSQL database such as MongoDB proves to improve development lifecycles and resources efficiency. However, security challenges arise along with increasing usage of NoSQL database, and NoSQL database is no exception to injection attacks. Machine learning proved to be an efficient method, as much has been researched. However, in the future there may be an increasing complexity of features that may prove costly to the model’s performance. Therefore, this research aims to utilize principal component analysis as dimensionality reduction and deep neural network as the classification method, to improve the security of NoSQL database. The text query is converted to feature vectors then further processed to reduce the input dimension of the deep neural network using PCA. The features used are based on previous research and various sources, and some are added after analyzing the dataset.10-fold cross validation is also applied to ensure that the model does not overfit the data, attempting to reduce bias to the result. The 10-fold cross validation model accuracy result is in average 97.44% with a standard deviation of 1.7%, and the testing results are 97.5% in accuracy,95.65% in precision, 91.67% in recall, and 93.61% in F1 score. Thus, it can be concluded that the usage of PCA on injection feature vectors can reduce complexity of the model.