An Investigation of Machine Learning Algorithms for High-bandwidth SQL Injection Detection Utilising BlueField-3 DPU Technology

SQL injection attacks present a significant risk to data center security. Traditional rule-based pattern matching techniques exhibit limitations, such as inability to adapt to new attack types, to give decision confidence and lower detection accuracy. Machine learning (ML) based approaches offer promising alternatives; however, their computational requirements and the increasing volume of network traffic pose challenges for their application in conventional hardware. Data Processing Units (DPUs) have emerged as the tailored computing platform for infrastructure related workloads within data centers including security. This paper evaluates the performance and efficiency of classical ML methods for SQL injection detection utilising computing resources on DPUs.In this study, 20 prominent ML models are tested against a dataset comprising 30,000 SQL payloads, and their performance is compared in a series of experiments. The results indicate that the Passive Aggressive Classifier is the most suitable model for near-real-time detection, achieving a detection latency of approximately 0.3μs/sample with an accuracy of 99.78%. This paper demonstrates that ML methods can be efficiently and effectively deployed on DPUs for SQL injection detection, providing valuable insights into threat intelligence for enhancing data center security. The codes of this study can be found at: https://github.com/gdrlab/dpu-sqli-detection.