Abstract:
This paper introduces a method for detecting SQL Injection (SQLi), Command Injection, and Cross-Site Scripting (XSS) vulnerabilities using fine-tuned, transformer-based language models within a multilabel binary classification framework. Our approach takes advantage of three pre-trained lightweight models, DistilBERT, ALBERT, and ArmoRM-Llama3-8B, each fine-tuned for text classification tasks on the SQLi XSS dataset. Fine-tuning involved freezing the pretrained transformer layers and updating a fully connected output layer. The primary challenge lies in generating multi-label outputs for four vulnerability classes (SQL Injection, Command Injection, XSS, and Normal traffic) with binary indicators for normal (0) or attack (1) status. Evaluation metrics, including confusion matrices, indicate that fine-tuning ArmoRM-Llama3-8B achieves slightly higher accuracy and detection rates than DistilBERT and ALBERT, particularly in identifying complex injection attacks. Furthermore, ArmoRM-Llama3-8B demonstrated the fastest testing evaluation time despite a moderately longer training period. These results highlight the feasibility and effectiveness of transformer-based language models in enhancing web security through improved vulnerability detection.
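As an added example (not code from the paper), the head-only fine-tuning and per-class binary output the abstract describes: a hand-built feature function stands in for the frozen transformer encoder, only the fully connected output layer is trained, and evaluation is a per-label confusion matrix. The `encode` function, the `SAMPLES` toy dataset and the training routine are this illustration's own assumptions.

```python
import math
CLASSES = ["sqli", "cmdi", "xss", "normal"]   # one binary indicator per class
sigmoid = lambda z: 1.0 / (1.0 + math.exp(-z))

def encode(request):
    # Stand-in for the frozen transformer encoder: fixed, hand-picked features
    # (constructed for this example; a real pipeline would use the pooled
    # DistilBERT/ALBERT embedding, with the encoder weights never updated).
    return [float("'" in request), float(";" in request or "|" in request),
            float("<" in request and ">" in request)]

# Constructed toy dataset: (request fragment, multi-hot target over CLASSES).
SAMPLES = [
    ("id=1' OR '1'='1", [1, 0, 0, 0]), ("user=admin'--", [1, 0, 0, 0]),
    ("host=localhost; ls", [0, 1, 0, 0]), ("cmd=ping x | ls", [0, 1, 0, 0]),
    ("q=<script>alert(1)</script>", [0, 0, 1, 0]),
    ("name=<img src=x onerror=alert(1)>", [0, 0, 1, 0]),
    ("page=2", [0, 0, 0, 1]), ("lang=en&sort=asc", [0, 0, 0, 1]),
]

def train_head(samples, epochs=1000, lr=1.0):
    """Fit only the fully connected output layer: one logistic unit per class,
    trained with binary cross-entropy by full-batch gradient descent."""
    feats = [(encode(r), y) for r, y in samples]
    dim, k, n = len(feats[0][0]), len(CLASSES), len(feats)
    W, b = [[0.0] * dim for _ in range(k)], [0.0] * k
    for _ in range(epochs):
        gW, gb = [[0.0] * dim for _ in range(k)], [0.0] * k
        for x, y in feats:
            for j in range(k):
                # p - y is dBCE/dz for a sigmoid output unit
                err = sigmoid(sum(w * xi for w, xi in zip(W[j], x)) + b[j]) - y[j]
                for i in range(dim):
                    gW[j][i] += err * x[i]
                gb[j] += err
        for j in range(k):
            W[j] = [w - lr * g / n for w, g in zip(W[j], gW[j])]
            b[j] -= lr * gb[j] / n
    return W, b

def predict(W, b, request, threshold=0.5):
    """Multi-label output: one 0/1 indicator per class, each sigmoid thresholded alone."""
    x = encode(request)
    return [int(sigmoid(sum(w * xi for w, xi in zip(W[j], x)) + b[j]) >= threshold)
            for j in range(len(CLASSES))]

def confusion_matrices(W, b, samples):
    """Per-class (TP, FP, FN, TN) counts, the per-label view a confusion matrix gives."""
    cm = {c: [0, 0, 0, 0] for c in CLASSES}
    for request, y in samples:
        p = predict(W, b, request)
        for j, c in enumerate(CLASSES):
            cm[c][0 if p[j] and y[j] else 1 if p[j] else 2 if y[j] else 3] += 1
    return cm
```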
Published in: 2025 International Conference on Artificial Intelligence in Information and Communication (ICAIIC)
Date of Conference: 18-21 February 2025
Date Added to IEEE Xplore: 19 March 2025