<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Archiving and Interchange DTD v1.0 20120330//EN" "JATS-archivearticle1.dtd">
<article xmlns:xlink="http://www.w3.org/1999/xlink">
  <front>
    <journal-meta>
      <journal-title-group>
        <journal-title>July</journal-title>
      </journal-title-group>
    </journal-meta>
    <article-meta>
      <title-group>
        <article-title>Case-based Explanation of Classification Models for the Detection of SQL Injection Attacks</article-title>
      </title-group>
      <contrib-group>
        <contrib contrib-type="author">
          <string-name>Juan A. Recio-Garcia</string-name>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Mauricio G. Orozco-del-Castillo</string-name>
          <xref ref-type="aff" rid="aff0">0</xref>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Jose A. Soladrero</string-name>
          <xref ref-type="aff" rid="aff0">0</xref>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Department of Software Engineering</string-name>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Artificial Intelligence</string-name>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Instituto de Tecnologías del Conocimiento</string-name>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Universidad Complutense de Madrid</string-name>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Spain</string-name>
        </contrib>
        <aff id="aff0">
          <label>0</label>
          <institution>Tecnológico Nacional de México/IT de Mérida, Department of Systems and Computing</institution>
          ,
          <addr-line>Merida</addr-line>
          ,
          <country country="MX">Mexico</country>
        </aff>
      </contrib-group>
      <pub-date>
        <year>2023</year>
      </pub-date>
      <volume>1</volume>
      <fpage>7</fpage>
      <lpage>20</lpage>
      <abstract>
        <p>This paper investigates the interpretability of various machine learning models in the context of detecting SQL injection attacks. The models under investigation include decision trees, multi-layer perceptron, random forests, support vector machines, ADA Boost, naive Bayes, and quadratic discriminant analysis. Our main objective is to gain insights into how these models make decisions when classifying SQL commands as either legitimate or potentially malicious. To achieve this, we employ a set of commonly used features from the literature to train and evaluate the models. By prioritizing explainability, our aim is to uncover the underlying factors and decision rules that drive the models' predictions. Through this research, we seek to bridge the gap between model accuracy and human understanding, thereby facilitating the practical application of machine learning models in real-world security scenarios. The ifndings of this study contribute to the development of a case-based explanation system that provides valuable insights for cybersecurity practitioners and researchers.</p>
      </abstract>
    </article-meta>
  </front>
  <body>
    <sec id="sec-1">
      <title>1. Introduction</title>
      <p>
        The increasing reliance on web applications and the growing sophistication of cyber threats
have necessitated the development of efective methods for detecting and mitigating SQL attacks.
Machine learning (ML) models have shown promising results in identifying such attacks by
leveraging their ability to capture complex patterns and relationships in data [
        <xref ref-type="bibr" rid="ref1">1</xref>
        ], however, the
inherent black-box nature of these models raises concerns regarding their explainability.
      </p>
      <p>
        Explainability is a critical aspect in the context of cybersecurity [
        <xref ref-type="bibr" rid="ref2">2</xref>
        ]. It refers to the ability
to understand and interpret how a model arrives at its decisions or predictions. The lack of
explainability in ML models can hinder their adoption in security-sensitive domains, where
accountability, transparency, and interpretability are paramount [
        <xref ref-type="bibr" rid="ref2">2</xref>
        ]. In the case of SQL attack
detection, security analysts and stakeholders need to have confidence in the reliability of the
model’s outputs and be able to comprehend the underlying rationale behind the identified
threats [
        <xref ref-type="bibr" rid="ref3">3</xref>
        ].
      </p>
      <p>
        Understanding the decision-making process of ML models is crucial for building trust and
confidence in their outputs [
        <xref ref-type="bibr" rid="ref4">4</xref>
        ]. Tree-based models, such as decision trees (DTs), random forests
(RFs) and gradient boosting machines, ofer inherent interpretability due to their hierarchical
structure and explicit decision rules, however, even these models can become increasingly
complex and less interpretable as they grow in depth and breadth [
        <xref ref-type="bibr" rid="ref3">3</xref>
        ], as is the case with other
ML models which are inherently considered as black-boxes, such as artificial neural networks,
support vector machines, etc.
      </p>
      <p>
        In this paper, we aim to investigate the explainability of several ML models for the detection
of SQL injection attacks, particularly, DTs, multi-layer perceptron (MLP), random forests (RFs),
support vector machines (SVMs), ADA Boost, naive Bayes (NB) and quadratic discriminant
analysis (QDA). Our objective is to shed light on the interpretability of these models when
attempting to classify a dataset of SQL commands, both legitimate and considered as possible
attacks, by using a set of features commonly found in the literature [
        <xref ref-type="bibr" rid="ref1 ref3">1, 3</xref>
        ]. The objective is to
enable insights into the features and rules driving their predictions. Through the development
of a case-based explanation system, we strive to bridge the gap between model accuracy and
human comprehension, ultimately facilitating the efective utilization of ML models in real-world
security scenarios.
      </p>
      <p>This paper is organized as follows: Section 2 provides an overview of related work on
explainable ML models and the detection of SQL attacks. Section 3 describes the dataset
and evaluates the performance of several state-of-art ML models for the classification of SQL
attacks. We then present in Section 4 our methodology for the explainability of these models,
discussing the insights gained from the application of the explainable artificial intelligence
(XAI) techniques. Subsequently, in Section 5 we present a case-based explanation approach that
exploits the conclusions of the XAI analysis to provide useful explanation examples to the end
user. Section 6 analyzes and evaluates its performance. Concluding remarks are discussed in
Section 7, including a summary of our findings and implications.</p>
    </sec>
    <sec id="sec-2">
      <title>2. Background</title>
      <p>
        Cybersecurity is in charge of protecting everything that can connect to a diferent digital device,
it can be divided into two parts, the systems’ security information and the physical security of
any devices [
        <xref ref-type="bibr" rid="ref5">5</xref>
        ]. In the last few years it has gained particular interest due to, partly, the market
of cybersecurity has been valued well over the $156 billion mark, with expectations up to $350
billion by 2026 [
        <xref ref-type="bibr" rid="ref2">2</xref>
        ].
      </p>
      <p>
        One of the most common types of cybersecurity attacks are injection attacks. Injection attacks
happen when an attacker makes an input which the system is not ready to receive; this allows
the attacker to execute malicious commands which can result in a diversity of negative efects
such as data leakage or giving access to users who should not be authorized to have them [
        <xref ref-type="bibr" rid="ref1">1</xref>
        ].
In an SQL injection attack the attacker uses a SQL sentence with the objective of extracting or
modifying data from the database, this can lead to huge risks to any system since it can give the
attackers the ability to even delete the whole database or grant access to anyone they desire [
        <xref ref-type="bibr" rid="ref1">1</xref>
        ].
These risks have led to explore AI techniques [
        <xref ref-type="bibr" rid="ref2">2</xref>
        ]s, particularly ML models, for the detection of
SQL injection attacks.
      </p>
      <p>
        However, it is considered that the more powerful a ML model is, the less interpretable
and explainable it becomes. This issue is particularly important in the field of cybersecurity
considering that fundamental decisions cannot be trusted to a system that cannot explain
itself. This led to the field of XAI, which aims to shed light on intelligent systems without
compromising their performance. Explanability attempts to solve the question as to why a
model reaches a given conclusion, since some models are used in a high-risk enviroment, it
is important to comprehend and not just blindy trust it because it is possible the model might
not have enough information to understand the situation as a whole and give an incorrect
prediction [
        <xref ref-type="bibr" rid="ref6">6</xref>
        ].
      </p>
      <p>
        XAI techniques in cybersecurity have focused on the following fields: Intrusion Detection
Systems, Malware Detection, Phishing and Spam Detection, and BotNet Detection [
        <xref ref-type="bibr" rid="ref2">2</xref>
        ]. Less
works have focused on fields such as Fraud Detection, Zero-Day Vulnerabilities, Digital Forensics,
and Crypto-Jacking [
        <xref ref-type="bibr" rid="ref2 ref6">6, 2</xref>
        ]. Injection attacks, despite being considered one of the main threats
to cybersecurity [
        <xref ref-type="bibr" rid="ref7">7</xref>
        ], which has in turn led to the development of several ML models for their
detection [
        <xref ref-type="bibr" rid="ref1">1</xref>
        ], has not been considerably explored using XAI techniques [
        <xref ref-type="bibr" rid="ref2">2</xref>
        ].
      </p>
      <p>
        However, other cybersecurity fields have extensibly been favored by XAI techniques. For
instance, the explainability of Intrusion Detection Systems has been explored using rule-based
models [
        <xref ref-type="bibr" rid="ref8">8</xref>
        ] and Shapley Additive Explanations (SHAP) [
        <xref ref-type="bibr" rid="ref10 ref11 ref12 ref9">9, 10, 11, 12</xref>
        ]. The SHAP framework
assigns values to features based on its marginal contribution to the prediction when considering
all possible combinations of features. Other works have relied on Local Interpretable
Modelagnostic Explanations (LIME), which aims to explain individual predictions of a model by
approximation the model’s behavior in a local neighborhood around the instance of interest,
which creates a simpler, more interpretable model, such as a linear regression model. In [
        <xref ref-type="bibr" rid="ref13">13</xref>
        ] the
authors propose the deduction of features and characteristics of a SVM model using LIME, which
allows the detection of an adversarial attack which would otherwise fool the model. Malware
Detection has also recurred to LIME, for instance, to identify locations considered important by
a convolutional neural network in the opcode sequence of an Android application [
        <xref ref-type="bibr" rid="ref14">14</xref>
        ] and to
calculate scores for words showing the output’s significance of another convolutional neural
network [
        <xref ref-type="bibr" rid="ref15">15</xref>
        ]. In terms of BotNet Detection, [
        <xref ref-type="bibr" rid="ref16">16</xref>
        ] describes BotStop, a detection system that
examines incoming and outgoing network trafic to prevent infections; BotStop is founded on
SHAP use with features extracted from network packets. SHAP is also used in BotNet Detection
to determine the relevant trafic features in a framework [
        <xref ref-type="bibr" rid="ref17">17</xref>
        ] and, along with LIME, Anchors,
Counterfactual Explanation, and Open Source Intelligence (OSINT), to prevent Botnet Domain
Generation Algorithm (DGA) for Cyber Threat Intelligence Sharing.
      </p>
    </sec>
    <sec id="sec-3">
      <title>3. Dataset and Model</title>
      <p>
        The dataset of SQL Injection Attacks was obtained from [
        <xref ref-type="bibr" rid="ref18">18</xref>
        ]. After eliminating repeated data,
we obtained a total of 30,876 instances, from it the non-related SQL instances were removed,
leaving only SQL malicious and non-malicious sentences. The final dataset contains 22,931
instances with a balanced distribution of the binary target class (11365: Attack, 11566: No
Model
      </p>
      <p>DT
Attack).</p>
      <p>
        From the SQL sentence 82 binary and numerical features were obtained through the analysis
of the existing literature [
        <xref ref-type="bibr" rid="ref19 ref20 ref21 ref22 ref23 ref24 ref25 ref26 ref27 ref28">19, 20, 21, 22, 23, 24, 25, 26, 27, 28</xref>
        ]. Table 2 describes the features
being considered (located at the end of the paper). For example, most features are the use of
SQL keywords like select, from, where. These are usual keywords in SQL statements that may
indicate a malicious attempt to obtain information from the database. Other keywords like drop,
delete, alter, or update clearly indicate an injection attack to the database. There are also some
features that take into account the count of repetitions of a concrete keyword or even more
elaborated expressions commonly used in SQL injection attacks (for example, the use of equality
expressions such as “1 = 1” to avoid the use of boolean values). After removing features with
one single unique value, the resulting dataset contains 74 features, that we denote as ℱ .
      </p>
      <p>Next, diferent ML classification models were trained and evaluated using 5-fold
crossvalidation. Similarly to other previous results from the literature, they all achieved very high
accuracy, as presented in Table 1. These results led us to initially presume that there was a
direct correlation between some of the features and the target label. Thus, the correlation table
was computed between all the features (including the target variable). This table is presented
in Figure 1 where column/row 0 represents the target variable. As we can observe, there is
no correlation between any of the dataset’s features. Another possible explanation for this
remarkable accuracy is that the combination of values from a bounded subset of features leads
to a clear classification. To discard this hypothesis, we analyzed the decision tree model, as is a
white-box ML technique. The corresponding tree is presented in Figure 2, which clearly led us
to reject this hypothesis.</p>
      <p>After discarding any correlation or simple direct proportion between features that led to
the classification as an attack, we can conclude that the ML models are very suitable tools for
this task, as they achieve remarkable accuracy even though this is not a simple classification
problem. In the following section, we introspect these models with XAI techniques to infer
which are the most relevant features for detecting SQL injection attacks.</p>
    </sec>
    <sec id="sec-4">
      <title>4. XAI Analysis</title>
      <p>Explainable Artificial Intelligence (XAI) plays a crucial role in providing transparency to
blackbox ML models. While often robust and accurate, these models can be challenging to understand
due to their complex internal mechanisms. This is the case of the ML models trained in the
previous section: they achieve very high accuracy, although there is no information about
which features are the most relevant to identify SQL injection attacks.</p>
      <p>XAI techniques aim to bridge this gap by shedding light on how these models make predictions
or decisions. By using methods such as feature importance analysis, rule extraction, or local
explanations, XAI allows users to gain insights into the factors that influence the model’s output.
This transparency not only helps in understanding the decision-making process but also assists
in identifying biases, errors, or potential vulnerabilities.</p>
      <p>To provide transparency to the previous ML models, we have focused on the following
established XAI methods: feature importance, permutation importance and Shapley Additive
exPlanations (SHAP). As most of the ML techniques evaluated in the previous section achieve a
similar performance (with a diference of 0.5%) we have chosen the Random Forest model for
its analysis. The decision tree structure of Random Forests provides inherent interpretability, as
the paths from the root to the leaves can be traced to understand how the model arrives at its
predictions.</p>
      <p>The feature importance method computes the relative contribution of diferent input features
on the predictions made by a machine learning model. It aims to provide insights into which
features are most influential in driving the model’s output. The feature importance in Random
Forests can be easily obtained by analyzing the average impurity reduction (Mean Decrease
in Impurity, MDI) across all trees. The permutation importance method evaluates the feature’s
impact on the model’s performance when their values are randomly shufled. The logic behind
this method is that significant features, when shufled, will cause a more significant drop in the
model’s performance, indicating their crucial role in making accurate predictions. Extending
this concept, the SHAP (Shapley Additive exPlanations) method is based on cooperative game
theory and considers the interactions and dependencies between feature subsets to provide a
fair allocation of the model’s prediction to individual features.</p>
      <p>Applying these explanation methods to the RF model, we obtain the results displayed in
Figure 3, where we have selected the 15 most relevant features for each method. As we
can observe, F8 (’from’ keyword) is the most relevant feature to classify a SQL sentence as
an attack, followed by F16 (=) and F81 (hidden equality expression). From the intersection
of the resulting feature lists, we obtain the 11 most significant explanation features: ℱ =
{ 1,  2,  6,  8,  16,  24,  25,  52,  57,  81,  82}1 from the whole original set ℱ with
74 features used to train the model.</p>
      <p>The next step is analyzing the impact (positive or negative) of the values of these most
significant features. To do so, we compute the class distribution ( Attack or No Attack) of the
instances having a concrete feature value. As all features in ℱ are boolean values representing
1see Table 2 for the corresponding description
that the feature is found or not found in the SQL sentence, we obtain the two charts presented
in Figure 4. These charts represent the percentage of instances (among the total) considered
as an attack or not when a feature is found (left chart) or not (right chart). Through the class
distributions reported in these charts, we can understand the most significant patterns or rules
found by the random forest classifier. For example, the presence of a hidden equality expression
(F81) such as “1 = 1”, that is commonly used to masquerade an attack, has a majority percentage
of instances labeled as attacks (Figure 4 left). Another usual keyword in SQL attacks is sleep
(F57), that, when found, also presents a majority percentage of sentences considered an attack.
On the other hand, the absence of common keywords such as from (F8) or select (F1) is also a
clear indication of a potential attack (Figure 4 right).</p>
    </sec>
    <sec id="sec-5">
      <title>5. Case-based Explanation</title>
      <p>After the analysis of the most relevant features of the dataset for the classification of SQL attacks
by an ML model, we can move forward to developing a case-based explanation system. By
drawing parallels between the current query and similar explanation cases from the dataset,
case-based explanations provide a transparent rationale for the ML classification, enhancing
the interpretability of the underlying model. In our concrete scenario, SQL sentences similar to
a query are presented to the user. These explanation cases corroborate the prediction made by
the ML model regarding the malicious nature of the query.</p>
      <p>
        We propose a case-based explanation process following the MAC/FAC (Many-Are-Called,
Few-Are-Chosen) schema [
        <xref ref-type="bibr" rid="ref29">29</xref>
        ]. The filtering step (MAC) takes advantage of the XAI analysis
presented in the previous section to select only explanation cases  with the same values as the
query  for the most significant explanation features ℱ. This way, we maximize the explicability
of the examples presented to the user. This step filters the compatible SQL sentences in the
dataset  according to hard restrictions given by the presence or lack in the query of the critical
explanation features: from, select, sleep, etc. It also takes into account if the actual label of the
explanation case . and the label predicted by the model () match. The corresponding
MAC function is defined as:
      </p>
      <p>() = { ∈  : . = () ∧ . = ., ∀ ∈ ℱ}</p>
      <p>The selection step (FAC) obtains the most similar explanation cases to  using a similarity
metric that compares the remaining features in the description of a SQL sentence ℱ . This
step applies a minimum similarity threshold  and the inverse of the Euclidean distance as the
similarity metric:</p>
      <p>() =
(, ) =
{ ∈ () : (, ) &gt;  }
1 − √︁∑︁(. − . )2, ∀ ∈ ℱ
(1)
(2)
(3)</p>
      <p>In the following section, we present the evaluation of the proposed case-based explanation
method following the MAC/FAC approach.</p>
    </sec>
    <sec id="sec-6">
      <title>6. Evaluation</title>
      <p>To evaluate the case-based explanation method we have split the dataset into a 25%-75% test
and training sets. The filtering step (MAC) is evaluated by computing how many explanation
cases from the training set are obtained, this is, how many match with the query for the most
significant explanation features ℱ. This process is repeated for each case in the test set. Results
are shown by the histogram in Figure 5 (left). As we can observe, the histogram shows that the
MAC filter is able to find a large number of explanation cases obeying the restrictions given by
the explanation features in ℱ. This is mainly due to the very large number of instances in the
dataset To evaluate the selection step (FAC) we computed the mean similarity of the k-NNs to
the query. Figure 5 (right) shows the corresponding histogram for  = 3. As we can observe,
our case-based explanation system is able to find explanation cases that are very similar to the
query. Again, this is rooted in the large number of options given by the previous MAC step.</p>
    </sec>
    <sec id="sec-7">
      <title>7. Conclusions</title>
      <p>This paper reports an in-depth analysis of the performance of ML models for detecting SQL
injection attacks. The first contribution of the paper is the analysis and collection of the features
considered by previous works for training such models. Then a novel dataset represented
by these features is developed from a large collection of SQL sentences labeled according
to their malicious intents. From this dataset, several ML models are trained and evaluated,
demonstrating the high accuracy of these techniques for identifying SQL attacks. However,
the black-box nature of these ML models does not allow us to understand the most significant
features that denote a SQL attack. Therefore, we apply several XAI techniques to identify the
features that characterize malicious SQL sentences. Finally, these relevant features let us build a
case-based explanation system based on the MAC/FAC schema. This CBR system enables the
understanding of why a SQL sentence is considered an attack by the ML model through the
comparison between such sentences and similar explanation cases.
count(SUBSTRING)
count(MID)
count(ASC)
count(&lt;)
count(&gt;)
count(")
count("")
exists
floor
rand
group
order
lenght
ascii
if
count
sleep
between
values
delay
wait
benchmark
indentity_insert
truncate table
username | password
user | pass
")"
limit
concat
ne
find
eq | gt | gte | lt | it | lte | ite | in | nin
mod | regex | text
return
return true | return 1
exists
create
show
collection
while(loop)
hidden equality expression
large expression
Feature</p>
    </sec>
    <sec id="sec-8">
      <title>Acknowledgments</title>
      <p>Supported by the PERXAI project PID2020-114596RB-C21, funded by the Ministry of Science
and Innovation of Spain (MCIN/AEI/10.13039/501100011033) and the BOSCH-UCM Honorary
Chair on Artificial Intelligence applied to Internet of Things.</p>
    </sec>
  </body>
  <back>
    <ref-list>
      <ref id="ref1">
        <mixed-citation>
          [1]
          <string-name>
            <given-names>M.</given-names>
            <surname>Alghawazi</surname>
          </string-name>
          ,
          <string-name>
            <given-names>D.</given-names>
            <surname>Alghazzawi</surname>
          </string-name>
          ,
          <string-name>
            <given-names>S.</given-names>
            <surname>Alarifi</surname>
          </string-name>
          ,
          <article-title>Detection of SQL Injection Attack Using Machine Learning Techniques: A Systematic Literature Review</article-title>
          ,
          <source>Journal of Cybersecurity and Privacy</source>
          <volume>2</volume>
          (
          <year>2022</year>
          )
          <fpage>764</fpage>
          -
          <lpage>777</lpage>
          . doi:
          <volume>10</volume>
          .3390/jcp2040039.
        </mixed-citation>
      </ref>
      <ref id="ref2">
        <mixed-citation>
          [2]
          <string-name>
            <given-names>N.</given-names>
            <surname>Capuano</surname>
          </string-name>
          ,
          <string-name>
            <given-names>G.</given-names>
            <surname>Fenza</surname>
          </string-name>
          ,
          <string-name>
            <given-names>V.</given-names>
            <surname>Loia</surname>
          </string-name>
          ,
          <string-name>
            <given-names>C.</given-names>
            <surname>Stanzione</surname>
          </string-name>
          ,
          <article-title>Explainable artificial intelligence in cybersecurity: A survey</article-title>
          ,
          <source>IEEE Access 10</source>
          (
          <year>2022</year>
          )
          <fpage>93575</fpage>
          -
          <lpage>93600</lpage>
          .
        </mixed-citation>
      </ref>
      <ref id="ref3">
        <mixed-citation>
          [3]
          <string-name>
            <given-names>M. S.</given-names>
            <surname>Roobini</surname>
          </string-name>
          ,
          <string-name>
            <given-names>S. R.</given-names>
            <surname>Srividhya</surname>
          </string-name>
          , Sugnaya,
          <string-name>
            <given-names>K.</given-names>
            <surname>Vennela</surname>
          </string-name>
          , G. Nikhila,
          <source>Detection of SQL Injection Attack Using Adaptive Deep Forest</source>
          ,
          <source>2022 International Conference on Communication, Computing and Internet of Things, IC3IoT 2022 - Proceedings</source>
          (
          <year>2022</year>
          ).
          <source>doi:10.1109/IC3IOT53935</source>
          .
          <year>2022</year>
          .
          <volume>9767878</volume>
          .
        </mixed-citation>
      </ref>
      <ref id="ref4">
        <mixed-citation>
          [4]
          <string-name>
            <given-names>S.</given-names>
            <surname>Hariharan</surname>
          </string-name>
          ,
          <string-name>
            <given-names>A.</given-names>
            <surname>Velicheti</surname>
          </string-name>
          ,
          <string-name>
            <given-names>A.</given-names>
            <surname>Anagha</surname>
          </string-name>
          , C. Thomas,
          <string-name>
            <given-names>N.</given-names>
            <surname>Balakrishnan</surname>
          </string-name>
          ,
          <article-title>Explainable artificial intelligence in cybersecurity: A brief review</article-title>
          ,
          <source>in: 2021 4th International Conference on Security and Privacy (ISEA-ISAP)</source>
          , IEEE,
          <year>2021</year>
          , pp.
          <fpage>1</fpage>
          -
          <lpage>12</lpage>
          .
        </mixed-citation>
      </ref>
      <ref id="ref5">
        <mixed-citation>
          [5]
          <string-name>
            <given-names>P.</given-names>
            <surname>By</surname>
          </string-name>
          ,
          <string-name>
            <given-names>D.</given-names>
            <surname>Kumar</surname>
          </string-name>
          , G. By,
          <string-name>
            <given-names>M.</given-names>
            <surname>Mehta</surname>
          </string-name>
          ,
          <source>Explainable Artificial Intelligence for Cyber Security</source>
          , volume
          <volume>1025</volume>
          <source>of Studies in Computational Intelligence</source>
          , Springer International Publishing, Cham,
          <year>2022</year>
          . URL: https://link.springer.com/10.1007/978-3-
          <fpage>030</fpage>
          -96630-0. doi:
          <volume>10</volume>
          .1007/ 978-3-
          <fpage>030</fpage>
          -96630-0.
        </mixed-citation>
      </ref>
      <ref id="ref6">
        <mixed-citation>
          [6]
          <string-name>
            <given-names>P.</given-names>
            <surname>By</surname>
          </string-name>
          ,
          <string-name>
            <given-names>D.</given-names>
            <surname>Kumar</surname>
          </string-name>
          , G. By,
          <string-name>
            <given-names>M.</given-names>
            <surname>Mehta</surname>
          </string-name>
          ,
          <source>Explainable Artificial Intelligence for Cyber Security</source>
          , volume
          <volume>1025</volume>
          <source>of Studies in Computational Intelligence</source>
          , Springer International Publishing, Cham,
          <year>2022</year>
          . URL: https://link.springer.com/10.1007/978-3-
          <fpage>030</fpage>
          -96630-0. doi:
          <volume>10</volume>
          .1007/ 978-3-
          <fpage>030</fpage>
          -96630-0.
        </mixed-citation>
      </ref>
      <ref id="ref7">
        <mixed-citation>
          [7]
          <string-name>
            <given-names>R. M.</given-names>
            <surname>Thiyab</surname>
          </string-name>
          ,
          <string-name>
            <given-names>M.</given-names>
            <surname>Ali</surname>
          </string-name>
          ,
          <string-name>
            <given-names>F.</given-names>
            <surname>Basil</surname>
          </string-name>
          , et al.,
          <article-title>The impact of sql injection attacks on the security of databases</article-title>
          ,
          <source>in: Proceedings of the 6th International Conference of Computing &amp; Informatics</source>
          , School of Computing,
          <year>2017</year>
          , pp.
          <fpage>323</fpage>
          -
          <lpage>331</lpage>
          .
        </mixed-citation>
      </ref>
      <ref id="ref8">
        <mixed-citation>
          [8]
          <string-name>
            <given-names>T.</given-names>
            <surname>Dias</surname>
          </string-name>
          ,
          <string-name>
            <given-names>N.</given-names>
            <surname>Oliveira</surname>
          </string-name>
          ,
          <string-name>
            <given-names>N.</given-names>
            <surname>Sousa</surname>
          </string-name>
          ,
          <string-name>
            <given-names>I.</given-names>
            <surname>Praça</surname>
          </string-name>
          ,
          <string-name>
            <given-names>O.</given-names>
            <surname>Sousa</surname>
          </string-name>
          ,
          <article-title>A hybrid approach for an interpretable and explainable intrusion detection system</article-title>
          ,
          <source>in: Intelligent Systems Design and Applications: 21st International Conference on Intelligent Systems Design and Applications (ISDA 2021) Held During December 13-15</source>
          ,
          <year>2021</year>
          , Springer,
          <year>2022</year>
          , pp.
          <fpage>1035</fpage>
          -
          <lpage>1045</lpage>
          .
        </mixed-citation>
      </ref>
      <ref id="ref9">
        <mixed-citation>
          [9]
          <string-name>
            <given-names>M.</given-names>
            <surname>Wang</surname>
          </string-name>
          ,
          <string-name>
            <given-names>K.</given-names>
            <surname>Zheng</surname>
          </string-name>
          ,
          <string-name>
            <given-names>Y.</given-names>
            <surname>Yang</surname>
          </string-name>
          ,
          <string-name>
            <given-names>X.</given-names>
            <surname>Wang</surname>
          </string-name>
          ,
          <article-title>An explainable machine learning framework for intrusion detection systems</article-title>
          ,
          <source>IEEE Access 8</source>
          (
          <year>2020</year>
          )
          <fpage>73127</fpage>
          -
          <lpage>73141</lpage>
          .
        </mixed-citation>
      </ref>
      <ref id="ref10">
        <mixed-citation>
          [10]
          <string-name>
            <given-names>Y.</given-names>
            <surname>Wang</surname>
          </string-name>
          ,
          <string-name>
            <given-names>P.</given-names>
            <surname>Wang</surname>
          </string-name>
          ,
          <string-name>
            <given-names>Z.</given-names>
            <surname>Wang</surname>
          </string-name>
          ,
          <string-name>
            <given-names>M.</given-names>
            <surname>Cao</surname>
          </string-name>
          ,
          <article-title>An explainable intrusion detection system</article-title>
          ,
          <source>in: 2021 IEEE 23rd Int Conf on High Performance Computing &amp; Communications</source>
          ,
          <string-name>
            <surname>IEEE</surname>
          </string-name>
          ,
          <year>2021</year>
          , pp.
          <fpage>1657</fpage>
          -
          <lpage>1662</lpage>
          .
        </mixed-citation>
      </ref>
      <ref id="ref11">
        <mixed-citation>
          [11]
          <string-name>
            <surname>T.-T.-H. Le</surname>
            ,
            <given-names>H.</given-names>
          </string-name>
          <string-name>
            <surname>Kim</surname>
            ,
            <given-names>H.</given-names>
          </string-name>
          <string-name>
            <surname>Kang</surname>
            ,
            <given-names>H.</given-names>
          </string-name>
          <string-name>
            <surname>Kim</surname>
          </string-name>
          ,
          <article-title>Classification and explanation for intrusion detection system based on ensemble trees and shap method</article-title>
          ,
          <source>Sensors</source>
          <volume>22</volume>
          (
          <year>2022</year>
          )
          <fpage>1154</fpage>
          .
        </mixed-citation>
      </ref>
      <ref id="ref12">
        <mixed-citation>
          [12]
          <string-name>
            <given-names>S.</given-names>
            <surname>Wali</surname>
          </string-name>
          ,
          <string-name>
            <surname>I. Khan</surname>
          </string-name>
          ,
          <article-title>Explainable ai and random forest based reliable intrusion detection system (</article-title>
          <year>2021</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref13">
        <mixed-citation>
          [13]
          <string-name>
            <given-names>E.</given-names>
            <surname>Tcydenova</surname>
          </string-name>
          ,
          <string-name>
            <given-names>T. W.</given-names>
            <surname>Kim</surname>
          </string-name>
          ,
          <string-name>
            <given-names>C.</given-names>
            <surname>Lee</surname>
          </string-name>
          ,
          <string-name>
            <given-names>J. H.</given-names>
            <surname>Park</surname>
          </string-name>
          ,
          <article-title>Detection of adversarial attacks in ai-based intrusion detection systems using explainable ai, Human-centric Comput</article-title>
          .
          <source>Inf. Sci</source>
          .
          <volume>11</volume>
          (
          <year>2021</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref14">
        <mixed-citation>
          [14]
          <string-name>
            <given-names>M.</given-names>
            <surname>Kinkead</surname>
          </string-name>
          ,
          <string-name>
            <given-names>S.</given-names>
            <surname>Millar</surname>
          </string-name>
          ,
          <string-name>
            <given-names>N.</given-names>
            <surname>McLaughlin</surname>
          </string-name>
          ,
          <string-name>
            <surname>P.</surname>
          </string-name>
          <article-title>O'Kane, Towards explainable cnns for android malware detection</article-title>
          ,
          <source>Procedia Computer Science</source>
          <volume>184</volume>
          (
          <year>2021</year>
          )
          <fpage>959</fpage>
          -
          <lpage>965</lpage>
          .
        </mixed-citation>
      </ref>
      <ref id="ref15">
        <mixed-citation>
          [15]
          <string-name>
            <given-names>J.</given-names>
            <surname>Feichtner</surname>
          </string-name>
          ,
          <string-name>
            <given-names>S.</given-names>
            <surname>Gruber</surname>
          </string-name>
          ,
          <article-title>Understanding privacy awareness in android app descriptions using deep learning</article-title>
          ,
          <source>in: Proceedings of the tenth ACM conference on data and application security and privacy</source>
          ,
          <year>2020</year>
          , pp.
          <fpage>203</fpage>
          -
          <lpage>214</lpage>
          .
        </mixed-citation>
      </ref>
      <ref id="ref16">
        <mixed-citation>
          [16]
          <string-name>
            <surname>M. M. Alani</surname>
          </string-name>
          , Botstop:
          <article-title>Packet-based eficient and explainable iot botnet detection using machine learning</article-title>
          ,
          <source>Computer Communications</source>
          <volume>193</volume>
          (
          <year>2022</year>
          )
          <fpage>53</fpage>
          -
          <lpage>62</lpage>
          .
        </mixed-citation>
      </ref>
      <ref id="ref17">
        <mixed-citation>
          [17]
          <string-name>
            <given-names>P. P.</given-names>
            <surname>Kundu</surname>
          </string-name>
          ,
          <string-name>
            <given-names>T.</given-names>
            <surname>Truong-Huu</surname>
          </string-name>
          ,
          <string-name>
            <given-names>L.</given-names>
            <surname>Chen</surname>
          </string-name>
          ,
          <string-name>
            <given-names>L.</given-names>
            <surname>Zhou</surname>
          </string-name>
          ,
          <string-name>
            <given-names>S. G.</given-names>
            <surname>Teo</surname>
          </string-name>
          ,
          <article-title>Detection and classification of botnet trafic using deep learning with model explanation</article-title>
          ,
          <source>IEEE Transactions on Dependable and Secure Computing</source>
          (
          <year>2022</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref18">
        <mixed-citation>
          [18]
          <string-name>
            <given-names>S. S. H.</given-names>
            <surname>Shah</surname>
          </string-name>
          ,
          <source>SQL injection dataset | Kaggle</source>
          ,
          <year>2021</year>
          . URL: https://www.kaggle.com/datasets/ syedsaqlainhussain/sql-injection-dataset.
        </mixed-citation>
      </ref>
      <ref id="ref19">
        <mixed-citation>
          [19]
          <string-name>
            <given-names>M.</given-names>
            <surname>Hasan</surname>
          </string-name>
          ,
          <string-name>
            <given-names>Z.</given-names>
            <surname>Balbahaith</surname>
          </string-name>
          ,
          <string-name>
            <given-names>M.</given-names>
            <surname>Tarique</surname>
          </string-name>
          ,
          <source>Detection of SQL Injection Attacks: A Machine Learning Approach, 2019 International Conference on Electrical and Computing Technologies and Applications</source>
          ,
          <string-name>
            <surname>ICECTA</surname>
          </string-name>
          <year>2019</year>
          (
          <year>2019</year>
          ).
          <source>doi:10.1109/ICECTA48151</source>
          .
          <year>2019</year>
          .
          <volume>8959617</volume>
          .
        </mixed-citation>
      </ref>
      <ref id="ref20">
        <mixed-citation>
          [20]
          <string-name>
            <given-names>H.</given-names>
            <surname>Gao</surname>
          </string-name>
          ,
          <string-name>
            <given-names>J.</given-names>
            <surname>Zhu</surname>
          </string-name>
          , L. Liu,
          <string-name>
            <given-names>J.</given-names>
            <surname>Xu</surname>
          </string-name>
          ,
          <string-name>
            <given-names>Y.</given-names>
            <surname>Wu</surname>
          </string-name>
          , A. Liu,
          <article-title>Detecting SQL injection attacks using grammar pattern recognition and access behavior mining</article-title>
          ,
          <source>Proceedings - IEEE International Conference on Energy Internet</source>
          ,
          <string-name>
            <surname>ICEI</surname>
          </string-name>
          <year>2019</year>
          (
          <year>2019</year>
          )
          <fpage>493</fpage>
          -
          <lpage>498</lpage>
          . doi:
          <volume>10</volume>
          .1109/ICEI.
          <year>2019</year>
          .
          <volume>00093</volume>
          .
        </mixed-citation>
      </ref>
      <ref id="ref21">
        <mixed-citation>
          [21]
          <string-name>
            <given-names>Q.</given-names>
            <surname>Li</surname>
          </string-name>
          ,
          <string-name>
            <given-names>W.</given-names>
            <surname>Li</surname>
          </string-name>
          ,
          <string-name>
            <given-names>J.</given-names>
            <surname>Wang</surname>
          </string-name>
          , M. Cheng,
          <string-name>
            <given-names>A SQL</given-names>
            <surname>Injection</surname>
          </string-name>
          <article-title>Detection Method Based on Adaptive Deep Forest, IEEE Access 7 (</article-title>
          <year>2019</year>
          )
          <fpage>145385</fpage>
          -
          <lpage>145394</lpage>
          . doi:
          <volume>10</volume>
          .1109/ACCESS.
          <year>2019</year>
          .
          <volume>2944951</volume>
          .
        </mixed-citation>
      </ref>
      <ref id="ref22">
        <mixed-citation>
          [22]
          <string-name>
            <given-names>D.</given-names>
            <surname>Tripathy</surname>
          </string-name>
          ,
          <string-name>
            <given-names>R.</given-names>
            <surname>Gohil</surname>
          </string-name>
          , T. Halabi,
          <article-title>Detecting SQL Injection Attacks in Cloud SaaS using Machine Learning</article-title>
          ,
          <source>Proceedings - 2020 IEEE 6th Intl Conference on Big Data Security on Cloud, BigDataSecurity</source>
          <year>2020</year>
          (
          <year>2020</year>
          )
          <fpage>145</fpage>
          -
          <lpage>150</lpage>
          . doi:
          <volume>10</volume>
          .1109/
          <string-name>
            <surname>BigDataSecurity-HPSC-IDS49724</surname>
          </string-name>
          .
          <year>2020</year>
          .
          <volume>00035</volume>
          .
        </mixed-citation>
      </ref>
      <ref id="ref23">
        <mixed-citation>
          [23]
          <string-name>
            <given-names>Q.</given-names>
            <surname>Li</surname>
          </string-name>
          ,
          <string-name>
            <given-names>F.</given-names>
            <surname>Wang</surname>
          </string-name>
          ,
          <string-name>
            <given-names>J.</given-names>
            <surname>Wang</surname>
          </string-name>
          ,
          <string-name>
            <given-names>W.</given-names>
            <surname>Li</surname>
          </string-name>
          ,
          <article-title>LSTM-Based SQL Injection Detection Method for Intelligent Transportation System</article-title>
          ,
          <source>IEEE Transactions on Vehicular Technology</source>
          <volume>68</volume>
          (
          <year>2019</year>
          )
          <fpage>4182</fpage>
          -
          <lpage>4191</lpage>
          . doi:
          <volume>10</volume>
          .1109/TVT.
          <year>2019</year>
          .
          <volume>2893675</volume>
          .
        </mixed-citation>
      </ref>
      <ref id="ref24">
        <mixed-citation>
          [24]
          <string-name>
            <given-names>K.</given-names>
            <surname>Kamtuo</surname>
          </string-name>
          ,
          <string-name>
            <given-names>C.</given-names>
            <surname>Soomlek</surname>
          </string-name>
          ,
          <article-title>Machine Learning for SQL injection prevention on server-side scripting</article-title>
          , in: 2016 International Computer Science and Engineering Conference (ICSEC), IEEE,
          <year>2016</year>
          , pp.
          <fpage>1</fpage>
          -
          <lpage>6</lpage>
          . URL: http://ieeexplore.ieee.org/document/7859950/. doi:
          <volume>10</volume>
          .1109/ ICSEC.
          <year>2016</year>
          .
          <volume>7859950</volume>
          .
        </mixed-citation>
      </ref>
      <ref id="ref25">
        <mixed-citation>
          [25]
          <string-name>
            <surname>D. Das</surname>
            ,
            <given-names>U.</given-names>
          </string-name>
          <string-name>
            <surname>Sharma</surname>
            ,
            <given-names>D. K.</given-names>
          </string-name>
          <string-name>
            <surname>Bhattacharyya</surname>
          </string-name>
          ,
          <article-title>Defeating SQL injection attack in authentication security: an experimental study</article-title>
          ,
          <source>International Journal of Information Security</source>
          <volume>18</volume>
          (
          <year>2019</year>
          )
          <fpage>1</fpage>
          -
          <lpage>22</lpage>
          . doi:
          <volume>10</volume>
          .1007/s10207-017-0393-x.
        </mixed-citation>
      </ref>
      <ref id="ref26">
        <mixed-citation>
          [26]
          <string-name>
            <surname>Ö. Kasim</surname>
          </string-name>
          ,
          <article-title>An ensemble classification-based approach to detect attack level of SQL injections</article-title>
          ,
          <source>Journal of Information Security and Applications</source>
          <volume>59</volume>
          (
          <year>2021</year>
          )
          <fpage>0</fpage>
          -
          <lpage>3</lpage>
          . doi:
          <volume>10</volume>
          .1016/j. jisa.
          <year>2021</year>
          .
          <volume>102852</volume>
          .
        </mixed-citation>
      </ref>
      <ref id="ref27">
        <mixed-citation>
          [27]
          <string-name>
            <surname>M. R. Ul Islam</surname>
            ,
            <given-names>M. S.</given-names>
          </string-name>
          <string-name>
            <surname>Islam</surname>
            ,
            <given-names>Z.</given-names>
          </string-name>
          <string-name>
            <surname>Ahmed</surname>
            ,
            <given-names>A.</given-names>
          </string-name>
          <string-name>
            <surname>Iqbal</surname>
            ,
            <given-names>R.</given-names>
          </string-name>
          <string-name>
            <surname>Shahriyar</surname>
          </string-name>
          ,
          <article-title>Automatic detection of NoSQL injection using supervised learning</article-title>
          ,
          <source>Proceedings - International Computer Software and Applications Conference</source>
          <volume>1</volume>
          (
          <year>2019</year>
          )
          <fpage>760</fpage>
          -
          <lpage>769</lpage>
          . doi:
          <volume>10</volume>
          .1109/COMPSAC.
          <year>2019</year>
          .
          <volume>00113</volume>
          .
        </mixed-citation>
      </ref>
      <ref id="ref28">
        <mixed-citation>
          [28]
          <string-name>
            <given-names>N. M.</given-names>
            <surname>Sheykhkanloo</surname>
          </string-name>
          ,
          <article-title>Employing Neural Networks for the detection of SQL injection attack</article-title>
          ,
          <source>ACM International Conference Proceeding Series 2014-September</source>
          (
          <year>2014</year>
          )
          <fpage>318</fpage>
          -
          <lpage>323</lpage>
          . doi:
          <volume>10</volume>
          .1145/2659651.2659675.
        </mixed-citation>
      </ref>
      <ref id="ref29">
        <mixed-citation>
          [29]
          <string-name>
            <surname>R. L. de Mántaras</surname>
            ,
            <given-names>D.</given-names>
          </string-name>
          <string-name>
            <surname>McSherry</surname>
            ,
            <given-names>D. G.</given-names>
          </string-name>
          <string-name>
            <surname>Bridge</surname>
            ,
            <given-names>D. B.</given-names>
          </string-name>
          <string-name>
            <surname>Leake</surname>
            ,
            <given-names>B.</given-names>
          </string-name>
          <string-name>
            <surname>Smyth</surname>
            ,
            <given-names>S.</given-names>
          </string-name>
          <string-name>
            <surname>Craw</surname>
            ,
            <given-names>B.</given-names>
          </string-name>
          <string-name>
            <surname>Faltings</surname>
            ,
            <given-names>M. L.</given-names>
          </string-name>
          <string-name>
            <surname>Maher</surname>
            ,
            <given-names>M. T.</given-names>
          </string-name>
          <string-name>
            <surname>Cox</surname>
            ,
            <given-names>K. D.</given-names>
          </string-name>
          <string-name>
            <surname>Forbus</surname>
            ,
            <given-names>M. T.</given-names>
          </string-name>
          <string-name>
            <surname>Keane</surname>
            ,
            <given-names>A.</given-names>
          </string-name>
          <string-name>
            <surname>Aamodt</surname>
            ,
            <given-names>I. D.</given-names>
          </string-name>
          <string-name>
            <surname>Watson</surname>
          </string-name>
          ,
          <article-title>Retrieval, reuse, revision and retention in case-based reasoning</article-title>
          ,
          <source>Knowl. Eng. Rev</source>
          .
          <volume>20</volume>
          (
          <year>2005</year>
          )
          <fpage>215</fpage>
          -
          <lpage>240</lpage>
          . doi:
          <volume>10</volume>
          .1017/S0269888906000646.
        </mixed-citation>
      </ref>
    </ref-list>
  </back>
</article>