DOI: 10.14569/IJACSA.2025.0160522

Hybrid Structure Query Language Injection (SQLi) Detection Using Deep Q-Networks: A Reinforcement Machine Learning Model

Author 1: Carlo Jude P. Abuda
Author 2: Cristina E. Dumdumaya

International Journal of Advanced Computer Science and Applications(IJACSA), Volume 16 Issue 5, 2025.

Abstract: Structured Query Language injection (SQLi) remains one of the most pervasive and dangerous threats to web-based systems, capable of compromising databases and bypassing authentication protocols. Despite advancements in machine learning for cybersecurity, many models rely on static detection rules or require extensive labeled datasets, making them less adaptable to evolving threats. Addressing this limitation, the present study aimed to design, implement, and evaluate a Deep Q-Network (DQN) model capable of detecting SQLi attacks using reinforcement learning. The research employed a Design and Development Research (DDR) methodology, supported by an evolutionary prototyping framework, and utilized a dataset of 30,919 labeled SQL queries, balanced between malicious and safe inputs. Preprocessing involved query normalization and vector encoding into fixed-length ASCII representations. The DQN model was trained over 2,000 episodes, using experience replay and an epsilon-greedy strategy. Key evaluation metrics—accuracy, cumulative reward, and epsilon decay—showed performance improvements, with accuracy increasing from 52% to 82% and stabilizing between 65% and 73% in later episodes. The agent demonstrated consistent adaptability by successfully generalizing across various injection patterns. This outcome suggests that reinforcement learning, particularly using DQN, provides a viable alternative to traditional models, with superior resilience and dynamic learning capabilities. The model's convergence trend highlights its practical application in real-time SQLi detection systems, contributing significantly to cybersecurity measures for database-driven applications.

Keywords: Adaptive systems; cybersecurity; deep q-network; intrusion detection; query classification; reinforcement learning; SQL injection

Carlo Jude P. Abuda and Cristina E. Dumdumaya, “Hybrid Structure Query Language Injection (SQLi) Detection Using Deep Q-Networks: A Reinforcement Machine Learning Model” International Journal of Advanced Computer Science and Applications(IJACSA), 16(5), 2025. http://dx.doi.org/10.14569/IJACSA.2025.0160522

@article{Abuda2025,
title = {Hybrid Structure Query Language Injection (SQLi) Detection Using Deep Q-Networks: A Reinforcement Machine Learning Model},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2025.0160522},
url = {http://dx.doi.org/10.14569/IJACSA.2025.0160522},
year = {2025},
publisher = {The Science and Information Organization},
volume = {16},
number = {5},
author = {Carlo Jude P. Abuda and Cristina E. Dumdumaya}
}


Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

IJACSA

Upcoming Conferences

Computer Vision Conference (CVC) 2026

16-17 April 2026

Healthcare Conference 2026

21-22 May 2026

Computing Conference 2025

19-20 June 2025

IntelliSys 2025

28-29 August 2025

Future Technologies Conference (FTC) 2025

6-7 November 2025