Muhammad Amirulluqman AzmanMohd Fadzli MarhusinRossilawati Sulaiman2024-05-282024-05-2820212022-4-2Azman, M. A., Marhusin, M. F. & Sulaiman, R. (2021). Machine Learning-Based Technique to Detect SQL Injection Attack. Journal of Computer Science, 17(3), 296-303. https://doi.org/10.3844/jcssp.2021.296.3031549-3636606-610.3844/jcssp.2021.296.303https://thescipub.com/abstract/10.3844/jcssp.2021.296.303https://oarep.usim.edu.my/handle/123456789/6201Lack of secure codes implemented in the web apps will lead to cyber-attack because of vulnerabilities. The statistic shows that highest record on the data theft related cyber-attacks are through the SQL injection technique. Hence, an effective SQL injection detection is needed in any web system to combat this threat. In this research, machine learning technique is used where training is provided to the SQL injection detector using a training data and then is evaluated against a testing data. The research relies on the preparation of the training and testing datasets. Training sets are used by the detector to establish the knowledge base and the test set is used to evaluate the performance of the detector. The result of the detection shows that the proposed technique produces high accuracy in recognizing malicious and benign web requests.enMachine Learning, Signature-Based, Knowledge-Based, SQL Injection, SQL Injection ToolsMachine Learning-Based Technique to Detect SQL Injection AttackArticle296303173