Dynamic Pattern Intelligence for SQLi-Centric Anomaly Detection in Controlled Input Environments
DOI:
https://doi.org/10.64751/ajaccm.2026.v6.n2.pp518-529
Keywords:
Input Validation, Vulnerability Detection, Dynamic Exploit-Defense Framework, Machine Learning, TF-IDF, Supervised Machine Learning, Bcrypt Password Hashing.
Abstract
Web applications have become a critical component of modern digital infrastructure, supporting services such as banking, e-commerce, healthcare, and enterprise systems. With the increasing reliance on authentication mechanisms, these systems are exposed to significant security risks due to improper input handling and weak validation practices. Such vulnerabilities can lead to unauthorized access, data breaches, and compromise of sensitive information, making security a major concern in web-based environments. The primary challenge lies in the limitations of manual rule-based systems, which rely on predefined patterns and static logic to detect malicious inputs. Although effective for known attack signatures, these systems fail to identify complex, obfuscated, or newly emerging threats. Continuous manual updates are required to maintain their effectiveness, resulting in increased maintenance effort and reduced scalability. This leads to lower detection accuracy and higher chances of system exploitation in dynamic environments. To overcome these limitations, the proposed system introduces a dynamic exploit-and-defense framework for real-time detection in authentication systems. It utilizes models such as Logistic Regression (LRC), Random Forest (RF), Gaussian Naive Bayes (GNB), and Multinomial Naive Bayes (MNB) along with Term Frequency–Inverse Document Frequency (TF-IDF) based feature extraction to classify inputs. The system is implemented using Django for application handling, Structured Query Language (SQL) for data management, and bcrypt for secure password hashing. It identifies multiple input-based threat categories including SQL Injection (SQLi), Cross-Site Scripting (XSS), Command Injection (CMDI), Local File Inclusion (LFI), and Server-Side Template Injection (SSTI) as target outputs.
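The classification stage the abstract describes (TF-IDF features fed to a Multinomial Naive Bayes model), sketched in pure Python as an added example; this is not the authors' code or dataset. The training strings, the tokenizer, the smoothing choices and the "benign" class are assumptions made for illustration.

```python
import math
import re
from collections import Counter, defaultdict

# Constructed training samples (NOT the paper's dataset); labels follow the
# threat categories named in the abstract, plus an assumed "benign" class.
TRAIN = [
    ("alice", "benign"), ("bob.smith@example.com", "benign"),
    ("correct horse battery", "benign"), ("john_doe42", "benign"),
    ("' OR 1=1 --", "sqli"),
    ("admin' UNION SELECT password FROM users --", "sqli"),
    ("<script>alert(1)</script>", "xss"),
    ("<img src=x onerror=alert(1)>", "xss"),
    ("; cat /etc/passwd", "cmdi"), ("| ls -la && whoami", "cmdi"),
    ("../../../../etc/passwd", "lfi"), ("..\\..\\windows\\win.ini", "lfi"),
    ("{{7*7}}", "ssti"), ("{{config.items()}}", "ssti"),
]

def tokenize(text):
    # Assumed tokenizer: words, digit runs, and each punctuation mark alone,
    # so quotes, braces and slashes survive as features.
    return re.findall(r"[a-z_]+|\d+|[^\sa-z\d_]", text.lower())

def fit(samples):
    docs = [(Counter(tokenize(text)), label) for text, label in samples]
    n = len(docs)
    df = Counter(tok for counts, _ in docs for tok in counts)
    # Smoothed IDF: ln((1 + n) / (1 + df)) + 1
    idf = {tok: math.log((1 + n) / (1 + d)) + 1 for tok, d in df.items()}
    weights, prior = defaultdict(Counter), Counter()
    for counts, label in docs:
        prior[label] += 1
        for tok, tf in counts.items():
            weights[label][tok] += tf * idf[tok]  # per-class TF-IDF mass
    return idf, weights, prior, n

def classify(model, text):
    idf, weights, prior, n = model
    feats = {t: tf * idf[t] for t, tf in Counter(tokenize(text)).items() if t in idf}
    scores = {}
    for label, count in prior.items():
        denom = sum(weights[label].values()) + len(idf)  # Laplace smoothing
        scores[label] = math.log(count / n) + sum(
            x * math.log((weights[label][t] + 1) / denom) for t, x in feats.items())
    # Caveat: input with no known tokens falls back to the class prior.
    return max(scores, key=scores.get)

MODEL = fit(TRAIN)
```

Because an input made entirely of unseen tokens is scored by the class prior alone, a model like this belongs behind parameterized queries and output encoding as a detection layer, not in place of them.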
License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.







