BERT-LGBM Model for Error and Union Attacks Detection in Web Application

Authors

  • Imdad Ali Shah FEST, Iqra University, Karachi, Pakistan
  • Noor Zaman Jhanjhi School of Computer Science, Malaysia

DOI:

https://doi.org/10.33150/JITDETS-10.1.5

Keywords:

Error and Union attacks detection, BERT, AI-based, LGBM, Web apps

Abstract

The rapid growth of web-based applications has increased the threat of SQL injection (SQLi) attacks, which remain the most critical risks to data security and system integrity. SQLi is a severe and persistent threat to data confidentiality. SQLi attacks exploit vulnerabilities in web app input fields, permitting adversaries to manipulate queries and obtain unauthorized access to sensitive data. In the modern era, the number of SQL injection attack types has increased, with error-based attacks being the most critical security concern for web app firewalls. Several industries are vulnerable, such as online banking, e-commerce, healthcare, financial institutions and government services. With the growing trust in digital infrastructures, attackers use advanced techniques to exploit vulnerabilities in database queries and obtain illegal access to personal information. Traditional detection systems, such as static, dynamic, and manual analysis, are insufficient for detecting new methods and SQLi attacks due to their static nature and limited adaptability to web app traffic. The purpose of this article is to build an AI-based model for accurate and robust detection of SQLi (error-based) attacks. This research aims to give intelligent solutions the ability to secure NLP applications against increasingly complex and changing attack vectors. Our study contributes to advancing web app security by giving an effective and scalable AI-based solution for SQLi (error-based) attack detection. Our proposed model achieved an accuracy of 0.99, precision of 0.98, recall of 0.97 and F1 of 0.99. It outperforms existing approaches in SQL injection (error-based) detection, demonstrating superior performance compared to the RF models. BERT-LSTM achieved slightly lower performance: accuracy 0.97, precision 0.963, recall 0.962, F1-score 0.958. The RF model matched the proposed model in accuracy 0.99 and F1-score 0.98 while achieving the highest recall 0.997, indicating a strong detection model. These results highlight the robustness and reliability of the proposed model in balancing precision and recall, making it more effective for real-world SQL injection (error-based) detection tasks.

Published

2026-06-10

How to Cite

[1]
Imdad Ali Shah and Noor Zaman Jhanjhi, “BERT-LGBM Model for Error and Union Attacks Detection in Web Application”, J. ICT des. eng. technol. sci., vol. 10, no. 1, pp. 45–56, Jun. 2026.

Section

Articles