Design of Lightweight Web Based SQLI Detection Using ML Algorithm

Student Presenter(s): Akshay Vallinayagam, Veera Venkata Sai Krisna Sunkara, Jasneet Singh Parmar
Faculty Mentor: Maryam R. Aliabadi
School/College: Engineering & Computing Sciences, Vancouver

In the modern era, the SQL injection attack is a severe threat to the security of the ongoing cyber world, especially for the many web applications that are hosted online. This attack significantly alters the database and causes substantial damage, making it one of the top security risks according to the OWASP Top 10. In this paper, we develop a lightweight ML-based detection system based on the XGBoost classifier algorithm and implement it in a live web application. We train and test the ML model with a dataset of around 30000 entries, including regular and SQLi queries. The qualified model is then deployed in a live web application built using Python Flask to detect and prevent SQL injection attempts. With the suggested model, we were able to achieve an F1 score of 0.996 and accurately detect and log SQL injection attacks.