*Article* **Deep Learning Architecture for Detecting SQL Injection Attacks Based on RNN Autoencoder Model**

**Maha Alghawazi \* , Daniyal Alghazzawi and Suaad Alarifi**

Information Systems Department, Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah 80200, Saudi Arabia; dghazzawi@kau.edu.sa (D.A.); salarifi@kau.edu.sa (S.A.)

**\*** Correspondence: mmohammadalqhtani@stu.kau.edu.sa

**Abstract:** SQL injection attacks are one of the most common types of attacks on Web applications. These attacks exploit vulnerabilities in an application's database access mechanisms, allowing attackers to execute unauthorized SQL queries. In this study, we propose an architecture for detecting SQL injection attacks using a recurrent neural network autoencoder. The proposed architecture was trained on a publicly available dataset of SQL injection attacks. Then, it was compared with several other machine learning models, including ANN, CNN, decision tree, naive Bayes, SVM, random forest, and logistic regression models. The experimental results showed that the proposed approach achieved an accuracy of 94% and an F1-score of 92%, which demonstrate its effectiveness in detecting QL injection attacks with high accuracy in comparison to the other models covered in the study.

**Keywords:** SQL injection attacks; recurrent neural network (RNN) autoencoder; ANN; CNN; decision tree; naive Bayes; SVM; random forest; logistic regression

**MSC:** 68T99
