Aulia Putri Cendekia and Muhammad Taufik Dwi Putra and Devi Aprianti Rimadhani Agustini (2025) IMPLEMENTASI ALGORITMA TEXTCNN PADA SISTEM DETEKSI SQL INJECTION BERBASIS APLIKASI WEB. S1 thesis, Universitas Pendidikan Indonesia.
Abstract
SQL Injection (SQLi) attacks ranked at the top of the OWASP Top 10 in 2025. These attacks pose a serious threat to web application security, with the potential to expose millions of sensitive data records. This study develops a web-based SQLi detection system using the Text Convolutional Neural Network (TextCNN) algorithm, which is capable of analyzing malicious patterns in SQL queries in real time. The research adopts the Design and Development (D&D) methodology to develop the model, enabling the TextCNN to be trained on labeled datasets consisting of normal queries and SQLi attacks through tokenization, embedding, and convolutional layers. Testing is conducted by integrating the model into a web application to evaluate its real-time detection capabilities. Evaluation metrics are used to demonstrate the model's detection performance, while black-box testing is applied to assess the SQL Injection detection system within the web application. The evaluation results show an average accuracy of 98%, with high precision, recall, and F1-score values. The system effectively detects first-order SQLi attacks (boolean-based, time-based, and union-based) with low false positive and false negative rates. Furthermore, the model is successfully integrated into a web application for real-time operation.
Text: S_TEKOM_2006303_TITLE.pdf (533kB)
Text: S_TEKOM_2006303_CHAPTER1.pdf (273kB)
Text: S_TEKOM_2006303_CHAPTER2.pdf (445kB), restricted to Library Staff
Text: S_TEKOM_2006303_CHAPTER3.pdf (658kB)
Text: S_TEKOM_2006303_CHAPTER4.pdf (723kB), restricted to Library Staff
Text: S_TEKOM_2006303_CHAPTER5.pdf (250kB)
Text: S_TEKOM_2006303_Appendix.pdf (1MB), restricted to Library Staff

| Item Type: | Thesis (S1) |
|---|---|
| Additional Information: | https://scholar.google.com/citations?view_op=list_works&hl=en&user=ubNaDwwAAAAJ SINTA ID of thesis supervisors: Muhammad Taufik Dwi Putra: 0017019403; Devi Aprianti Rimadhani Agustini: 0021048907 |
| Uncontrolled Keywords: | SQL Injection, TextCNN, Deep Learning, Attack Detection, Web Application Security. |
| Subjects: | L Education > L Education (General) Q Science > QA Mathematics > QA75 Electronic computers. Computer science Q Science > QA Mathematics > QA76 Computer software |
| Divisions: | UPI Kampus cibiru > S1 Teknik Komputer |
| Depositing User: | Aulia Putri Cendekia |
| Date Deposited: | 05 Jan 2026 08:22 |
| Last Modified: | 05 Jan 2026 08:22 |
| URI: | http://repository.upi.edu/id/eprint/146227 |
