An AI-based Intrusion Detection System for SQL Injection Attacks in Smart Home IoT Networks

Abstract

The widespread adoption of Internet of Things (IoT) technologies has transformed smart home environments by enhancing automation, connectivity, and user-centric functionality. However, the advancements also introduce different security vulnerabilities, among which SQL injection attack has become notably pervasive and damaging. The attack involves adversaries injecting or manipulating SQL queries through insecure IoT device interfaces, corrupting databases or exfiltrating data, which lead to unauthorized access, data leakage, device control compromise, and cascading effects across connected systems. In response to this attack, this study proposes an Intrusion Detection System (IDS) to detect and mitigate SQL injection attacks in IoT-based smart home networks. To ensure resilience and performance, the proposed IDS framework integrates three principal categories of artificial intelligence algorithms based on their distinct methodological advantages: first, traditional machine learning techniques, which provide foundational classification and clustering capabilities with interpretable decision boundaries and efficient performance on structured data; second, boosting-based ensemble methods, which contribute enhanced predictive accuracy and robustness through iterative refinement and sensitivity to complex feature interactions; and third, deep learning architectures, which further enrich the system by enabling hierarchical feature extraction and temporal pattern modeling, particularly suited to high-dimensional and sequential intrusion data. The strategic integration of these algorithmic classes allows the IDS to leverage complementary strengths, resulting in improved detection accuracy and adaptability across diverse threat environments.