**2. Literature Review**

This section explores a variety of ML and DL techniques found in the literature for the detection of SQL injection attacks.

Ketema [1] used a deep learning convolutional neural network (CNN) to build a model to prevent an SQLI using a public benchmark dataset. The model was trained using deep learning with different hyperparameter values and five different scenarios. The model achieved an accuracy of 97%. Roy et al. [9] presented a method for detecting SQL injection attacks using machine learning classifiers. The authors used five ML classifiers (logistic regression, AdaBoost, naive Bayes, XGBoost, and random forest) to classify SQL queries as either legitimate or malicious. The proposed model was trained and evaluated using a publicly available dataset of SQL injection attacks on Kaggle. The results of the study showed that the best performance was achieved by the naive Bayes classifier, with an accuracy of 98.33%. Finally, the authors performed a comparison with previous work. Overall, the study demonstrated the potential of machine learning classifiers in improving the accuracy and efficiency of SQL injection attack detection.

S.S. Anandha Krishnan et al. [10] proposed a machine learning-based approach for detecting SQL injection attacks. The authors argued that traditional signature-based approaches are ineffective against advanced attacks, and machine learning can help address this issue. The authors first described the various types of SQL injection attacks and their impact on Web applications. They then outlined the proposed framework, which consisted of preprocessing the data, feature extraction, model training, and evaluation. The results showed that the CNN classifier model performed better than the other classifiers in terms of accuracy, precision, recall, and F1-score. Rahul et al. [11] proposed a novel method of protecting against SQL injection and cross-site scripting (XSS) attacks by augmenting the Web application firewall (WAF) with a honeypot. The WAF filters incoming traffic using established patterns, while the honeypot is designed to attract attackers and capture information about their attack methods, which is then used to improve the WAF's ability to detect and prevent future attacks. The proposed method was evaluated through experiments, and the results suggested that the combination of a honeypot and WAF can effectively protect Web applications from these types of attacks.

Zhang et al. [4] proposed a method for detecting SQL injection attacks using a deep neural network. The authors stated that traditional methods of SQL injection attack detection have limitations, prompting the development of their new approach. The authors gathered a dataset of clean and malicious queries and used it to train a deep neural network classifier with several layers. They then compared the result of the proposed method with the traditional machine learning algorithms, including KNN, DT, and LSTM algorithms. Liu et al. [12] proposed a new approach called DeepSQLi for the automated detection of SQL injection vulnerabilities in Web applications using deep semantic learning techniques. DeepSQLi uses a deep neural network to learn the semantic meanings of SQL queries and identify potential injection vulnerabilities. The model is trained using a dataset of benign and malicious SQL queries and leverages multiple layers of convolutional and recurrent neural networks. The experimental results showed that DeepSQLi outperformed SQLmap, and more SQLi attacks could be identified faster while using a lower number of test cases. Chen et al. [3] presented a novel approach for detecting and preventing SQL injection attacks on Web applications using deep learning algorithms. The authors trained and evaluated the performance of a convolutional neural network (CNN) and a multilayer perceptron (MLP) and compared them in terms of accuracy, precision, recall, and F1-score metrics. The experimental results showed that the CNN and MLP models both performed well for SQL injection attack detection.

In summary, deep learning-based approaches have shown great promise in detecting SQL injection attacks. These approaches can learn the underlying patterns in the input data and detect any anomalies, making them more effective in detecting disguised attacks. In this research, our goal was to explore the effectiveness of the proposed RNN autoencoder in detecting SQL injections.
