摘要
针对目前SQL注入检测方法检测效率和检测准确率不高的问题,提出了一种基于注意力机制的检测模型Att-BiLSTM。首先,对收集到的数据集在预处理后采用RoBERTa进行词嵌入,得到融合上下文信息的语言表征;再使用编码后的词向量在基于注意力机制的双向长短时记忆网络中进行训练,以获取数据之间的关联性,得到忽略无关噪声信息、关注重点信息的特征表征;最后,将融合了注意力信息的输出在全连接层和softmax层进行分类或反向传播给训练层更新参数。实验结果表明,基于注意力机制的SQL注入检测模型有效提高了检测精度,准确率为99.58%,召回率为99.64%,与原始BiLSTM相比,准确率和召回率分别提高了0.52%和0.28%,与BiRNN相比,准确率和召回率分别提高了6.18%和6.91%。
Aiming at the poor detection efficiency and accuracy of SQL injection detection methods,a detection method based on attention mechanism’s Att-BiLSTM model was proposed.Firstly,having the collected dataset preprocessed before having it embedded in the word using RoBERTa so as to obtain the language representation that incorporating contextural information;and then,having the encoded word vector trained in the two-way long-short-term memory network based on the attention mechanism to obtain the correlation between the data,including the characteristic representation of ignoring irrelevant noise information and focusing on theimportant information;and finally,having the output which incorporating attention information classified or backpropaged to the training layer to update parameters.Experimental results show that,the SQL injection detection model(Att-BiLSTM)based on attention mechanism effectively improves the detection accuracy by 99.58%and a recall rate of 99.64%;compared with the original BiLSTM,the accuracy and recall rate are increased by 0.52%and 0.28%,respectively,and compared with BiRNN,the accuracy and recall rate are increased by 6.18%and 6.91%,respectively.
作者
孟顺建
李亚
王海瑞
朱贵富
王清宇
MENG Shun-jian;LI Ya;WANG Hai-rui;ZHU Gui-fu;WANG Qing-yu(Faculty of Information Engineering and Automation,Kunming University of Science and Technology)
出处
《化工自动化及仪表》
CAS
2023年第3期348-355,共8页
Control and Instruments in Chemical Industry
基金
国家自然科学基金项目(61863016,61263023)。
