Mohammed A M OudahMohd Fadzli Marhusin2024-05-302024-05-302024Mohammed A M Oudah, & Mohd Fadzli Marhusin. (2024). SQL Injection Detection using Machine Learning: A Review. Malaysian Journal of Science Health & Technology, 10(1), 39–49. https://doi.org/10.33102/mjosht.v10i1.3682601-000310.33102/mjosht.v10i1.368https://mjosht.usim.edu.my/index.php/mjosht/article/view/368/220https://oarep.usim.edu.my/handle/123456789/15405Malaysian Journal of Science, Health & Technology (MJoSHT) Volume 10 Issue 1 Page (50-57)SQL injection attacks are critical security vulnerability exploitation in web applications, posing risks to data, if successfully executed, allowing attackers to gain unauthorised access to sensitive data. Due to the absence of a standardised structure, traditional signature-based detection methods face challenges in effectively detecting SQL injection attacks. To overcome this challenge, machine learning(ML)algorithms have emerged as a promising approach for detecting SQL injection attacks. This paper presents a comprehensive literature review on the utilisation of MLtechniques for SQL injection detection. The review covers various aspects, including dataset collection, feature extraction, training, and testing, with different MLalgorithms. The studies included in the review demonstrate high levels of accuracy in detecting attacks and reducing false positives.en-USCybersecurity; Machine Learning; SQL Injection DetectionArticle5057101