<a href="https://colab.research.google.com/github/smit982/SQL-INJECTION-AND-BBQSQL/blob/main/AI_SQL_Injection_Prevent.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

Yes, in the demo example we used an AI model called LSTM to detect SQL injection attacks. Specifically, we trained the LSTM model on a dataset of SQL queries, both legitimate and malicious, to learn patterns and characteristics of the malicious queries that can be used to distinguish them from legitimate ones. The trained model is then used to predict whether a given SQL query is malicious or not. This approach is a form of machine learning, which is a subfield of AI that involves training algorithms to learn patterns in data and make predictions or decisions based on that learning.

**In the demo, we used AI in the following step to detect SQL injection attacks:**
**bold text**

Training the LSTM model: We used a dataset of SQL queries, both legitimate and malicious, to train the LSTM model to learn patterns and characteristics of the malicious queries that can be used to distinguish them from legitimate ones. The model is trained using the backpropagation algorithm to adjust the weights and biases of the network to minimize the error in the prediction of the output.
Predicting whether a given SQL query is malicious or not: After training the LSTM model, we used it to predict whether a given SQL query is malicious or not. Specifically, we pass the input SQL query through the trained LSTM model, which outputs a probability score indicating the likelihood of the query being malicious. If the score exceeds a certain threshold, we consider the query to be malicious and print a message indicating that SQL injection has been detected.
So, in summary, we used AI in the training and prediction steps of the demo to detect SQL injection attacks.

In [None]:
!pip install sqlparse
!pip install tensorflow
!pip install keras


Looking in indexes: https://pypi.org/simple, https://us-python.pkg.dev/colab-wheels/public/simple/
Looking in indexes: https://pypi.org/simple, https://us-python.pkg.dev/colab-wheels/public/simple/
Looking in indexes: https://pypi.org/simple, https://us-python.pkg.dev/colab-wheels/public/simple/


Create a function that takes an SQL query as input and returns a boolean value indicating whether SQL injection is detected or not. 

In [None]:
import sqlparse
import re
from keras.models import load_model
import numpy as np

def detect_sql_injection(query):
  # Check if query contains SQL keywords
  keywords = ['select', 'insert', 'update', 'delete', 'drop', 'create', 'union', 'truncate', 'alter']
  if any(keyword in query.lower() for keyword in keywords):
    # Check if query contains suspicious characters
    if re.search(r"[\"';]", query):
      return True

  # Check if query is syntactically valid
  try:
    parsed = sqlparse.parse(query)[0]
    str(parsed.tokens[0]).lower()
  except:
    return True

  # Check if query is semantically valid
  model = load_model('sql_injection_detection_model.h5')
  tokenized_query = [token.value.lower() for token in parsed.tokens if not token.is_whitespace()]
  tokenized_query = np.array(tokenized_query)
  tokenized_query = np.expand_dims(tokenized_query, axis=0)
  prediction = model.predict(tokenized_query)[0][0]
  if prediction > 0.5:
    return True
  
  return False


In [None]:
query = input("Enter your SQL query: ")
if detect_sql_injection(query):
  print("SQL injection detected!")
else:
  print("SQL injection not detected.")


Enter your SQL query: SELECT * FROM users WHERE username = 'admin' AND password = '1234' OR 1=1;
SQL injection detected!
