A Multi-Vector Framework for Injection Attack Detection Using NLP Lexical–Semantic Fusion with Reinforcement Learning DQN–Based Calibration

Abstract: Injection attacks persist as dominant threats in modern web systems due to obfuscation, polymorphism, and multi-vector exploitation across SQLi, XSS, LDAP Injection, and Command Injection. Existing defenses often rely on static signatures or single-vector models, which limit generalization under adversarial payload mutation. This study addressed that limitation by designing and evaluating a unified multi-vector detection framework that integrated Natural Language Processing (NLP) and Deep Q-Network (DQN) Reinforcement Learning (RL) within a structured Design–Development–Research methodology. The study consolidated heterogeneous open-source datasets comprising 346,954 benign and 653,046 malicious XSS samples, 107,328 benign and 136,746 malicious SQLi samples, 1,591 benign and 515 malicious Command Injection samples, and 1,100 benign and 900 malicious LDAP Injection samples. The pipeline operationalized canonicalized payloads as inputs, hybrid lexical–semantic feature extraction and supervised classification as processes, and probabilistic attack decisions with calibrated thresholds as outputs. The NLP pipeline fused TF-IDF character n-grams with transformer embeddings to preserve structural and contextual signatures. Logistic Regression and One-vs-Rest Linear SVM achieved strong discrimination under group-aware splits, while the DQN agent optimized decision thresholds using reward-based calibration without modifying classifier parameters. Results demonstrated stable ROC and Precision–Recall performance, coherent embedding separation, and convergence of reinforcement learning rewards and loss. The deployed system was evaluated using ISO/IEC 25010 functional suitability criteria, including functional completeness, correctness, and appropriateness, to verify that the detection pipeline executed all required operations and produced reliable decision outputs and explainable, confidence-supported decisions. The framework strengthened secure digital infrastructure, contributing to resilient innovation ecosystems aligned with Sustainable Development Goals 9 and 16.

Carlo Jude P. Abuda and Cristina E. Dumdumaya. “A Multi-Vector Framework for Injection Attack Detection Using NLP Lexical–Semantic Fusion with Reinforcement Learning DQN–Based Calibration”. International Journal of Advanced Computer Science and Applications (IJACSA) 17.3 (2026). http://dx.doi.org/10.14569/IJACSA.2026.0170385

@article{Abuda2026,
title = {A Multi-Vector Framework for Injection Attack Detection Using NLP Lexical–Semantic Fusion with Reinforcement Learning DQN–Based Calibration},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2026.0170385},
url = {http://dx.doi.org/10.14569/IJACSA.2026.0170385},
year = {2026},
publisher = {The Science and Information Organization},
volume = {17},
number = {3},
author = {Carlo Jude P. Abuda and Cristina E. Dumdumaya}
}