CFP last date
22 December 2025
Call for Paper
January Edition
IJCA solicits high quality original research papers for the upcoming January edition of the journal. The last date of research paper submission is 22 December 2025

Submit your paper
Know more
The week's pick
Responsive image
A Hybrid Transformer-CNN Framework with Early and Late Fusion for Robust Skin Lesion Classification

Raihan Tanvir
Random Articles
Reseach Article

Application of Machine Learning Algorithms with Zero Trust Principles for Preventing Malware and SQL Injection Attack in a Cloud Database

by Obasi E.C.M., Timadi M.E.
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 187 - Number 53
Year of Publication: 2025
Authors: Obasi E.C.M., Timadi M.E.
10.5120/ijca2025925893

Obasi E.C.M., Timadi M.E. . Application of Machine Learning Algorithms with Zero Trust Principles for Preventing Malware and SQL Injection Attack in a Cloud Database. International Journal of Computer Applications. 187, 53 ( Nov 2025), 8-19. DOI=10.5120/ijca2025925893

@article{ 10.5120/ijca2025925893,
author = { Obasi E.C.M., Timadi M.E. },
title = { Application of Machine Learning Algorithms with Zero Trust Principles for Preventing Malware and SQL Injection Attack in a Cloud Database },
journal = { International Journal of Computer Applications },
issue_date = { Nov 2025 },
volume = { 187 },
number = { 53 },
month = { Nov },
year = { 2025 },
issn = { 0975-8887 },
pages = { 8-19 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume187/number53/application-of-machine-learning-algorithms-with-zero-trust-principles-for-preventing-malware-and-sql-injection-attack-in-a-cloud-database/ },
doi = { 10.5120/ijca2025925893 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2025-11-18T21:10:40.380357+05:30
%A Obasi E.C.M.
%A Timadi M.E.
%T Application of Machine Learning Algorithms with Zero Trust Principles for Preventing Malware and SQL Injection Attack in a Cloud Database
%J International Journal of Computer Applications
%@ 0975-8887
%V 187
%N 53
%P 8-19
%D 2025
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Cloud databases face persistent threats such as SQL injection and malware attacks that compromise confidentiality, integrity, and availability. This study proposes a Zero Trust Cloud Database Access Control system that integrates supervised machine learning and encryption to provide robust security. The framework enforces continuous verification by subjecting every query and file upload to real-time inspection, regardless of prior authentication. A Feedforward Neural Network (FFNN) was employed to classify SQL queries as benign or malicious, achieving 98% accuracy with high precision in detecting SQL injection attempts. In parallel, a Random Forest classifier was used for malware traffic detection, attaining 99.37% accuracy by analyzing behavioral and statistical features. The system further incorporates encryption mechanisms to secure sensitive information, ensuring that only authorized users with valid keys can access decrypted data. Results demonstrate that combining zero-trust principles with advanced machine learning significantly strengthens defense against evolving threats, reduces false positives, and maintains data confidentiality. The modular design and adaptability of the framework make it suitable for addressing emerging challenges in cloud database security.

References
  1. Aboh, U., Moustafa, N., & Janjua, Z. H. (2024). Advancing cybersecurity: A comprehensive review of AI-driven detection techniques. Journal of Big Data, 11, 91. Springer.
  2. Aryal, K., Gupta, M., & Abdelsalam, M. (2022). Analysis of label-flip poisoning attack on machine learning based malware detector. 2022 IEEE International Conference on Big Data (Big Data) (pp. 4236–4245). IEEE.
  3. Aslan, O., Ozkan-Okay, M., & Gupta, D. (2021). Intelligent behavior-based malware detection system on cloud computing environment. IEEE Access, 9, 83252–83271.
  4. Gandhi, N., Mishra, S., Patel, J., Doshi, N., & Sisodiya, R. (2021). A CNN-BiLSTM based approach for detection of SQL injection attacks. 2021 6th International Conference for Convergence in Technology (I2CT) (pp. 378–383). IEEE.
  5. Gyamfi, N. K., Goranin, N., Čenys, H. A., & Ceponis, D. (2023). Automated system-level malware detection using machine learning: A comprehensive review. Applied Sciences, 13(21), 11908. MDPI.
  6. Hasan, M., Tarique, M., & Balbahaith, Z. (2019). Detection of SQL injection attacks: A machine learning approach. 2019 International Conference on Electrical and Computing Technologies and Applications (ICECTA) (pp. 1–6). IEEE.
  7. He, P., Ji, S., Xia, Y., & Zhang, X. (2023). Efficient query-based attack against ML-based Android malware detection under zero knowledge setting. Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (pp. 90–104). ACM.
  8. Hidayat, T., & Mahardiko, R. (2020). A systematic literature review method on AES algorithm for data sharing encryption on cloud computing. International Journal of Artificial Intelligence Research, 4(1).
  9. Ige, T., & Sikiru, A. (2022). Implementation of data mining on a secure cloud computing over a web API using supervised machine learning algorithm. In R. Silhavy (Ed.), Artificial Intelligence Trends in Systems. CSOC 2022. Lecture Notes in Networks and Systems (Vol. 502, pp. 203–210). Springer, Cham.
  10. ISOT Malware Dataset. (2023). University of Victoria, Canada. Available at: https://www.uvic.ca/engineering/isot/datasets/
  11. Khan, N., & Al-Yasiri, A. (2016). Cloud security threats and techniques to strengthen cloud computing adoption framework. International Journal of Information Technology and Web Engineering, 11(3), 50–64. IGI Global.
  12. Kurniawan, H., Rosmansyah, Y., & Dabarsyah, B. (2015, August). Android anomaly detection system using machine learning classification. In Proceedings of the 2015 International Conference on Electrical Engineering and Informatics (ICEEI) (pp. 288–293). IEEE.
  13. Markel, Z., & Bilzor, M. (2014, October). Building a machine learning classifier for malware detection. In Proceedings of the 2014 Second Workshop on Anti-Malware Testing Research (WATeR) (pp. 1–4). IEEE.
  14. Mohamad, N. H., Zaidi, M. I. H. B., & Saidin, N. B. (2023). Data security and privacy issues in cloud computing: Challenges and solutions review. Institute of Electrical and Electronics Engineers (IEEE).
  15. MongoDB. (2024). Cloud database overview. Retrieved September 22, 2025, from https://www.mongodb.com.
  16. Nikos, A., Basu, S., Bhanoori, N., et al. (2022). Amazon Redshift. Re-invented. In Proceedings of the ACM SIGMOD International Conference on Management of Data (SIGMOD '22) (pp. 2205–2217). ACM.
  17. Nnodi, J. T., & Obasi, E. C. M. (2025). Leveraging artificial intelligence for detecting insider threats in corporate networks. University of Ibadan Journal of Science and Logics in ICT Research, 13(1), 130–144.
  18. Obasi, E. C. M., & Abosede, O. (2025). Leveraging machine learning algorithms for enhanced prediction of product yields and purity in chemical reactions. Nile Journal of Engineering and Applied Sciences.
  19. Obasi, E. C. M., & Nlerum, P. A. (2023). A model for the detection and prevention of backdoor attacks using CNN with federated learning. University of Ibadan Journal of Science and Logics in ICT Research, 10(1), 9–21.
  20. Obasi, E. C. M., & Stow, M. T. (2023). A predictive model for uncertainty analysis on big data using Bayesian CNN. University of Ibadan Journal of Science and Logics in ICT Research, 9(1), 52–62.
  21. Omotunde, H., & Ahmed, M. (2023). A comprehensive review of security measures in database systems: Assessing authentication, access control, and beyond. Mesopotamian Journal of Cyber Security, 115–133.
  22. Panker, T., & Nissim, N. (2021). Leveraging malicious behavior traces from volatile memory using machine learning methods for trusted unknown malware detection in Linux cloud environments. Knowledge-Based Systems, 226, 107095. Elsevier.
  23. Shariati, S. M., Ahmadzadegan, M. H., & Abouzarjomehri, A. (2015). Challenges and security issues in cloud computing from two perspectives: Data security and privacy protection. 2015 International Conference on Computer, Communication and Control (IC4) (pp. 1078–1082). IEEE.
  24. Singhal, S., Srivastava, R., Shyam, R., & Mangal, D. (2023). Supervised machine learning for cloud security. 2023 6th International Conference on Information Systems and Computer Networks (ISCON) (pp. 1–5). IEEE.
  25. Stow, M. T., & Obasi, E. C. M. (2025). An interpretable early warning system for malaria outbreak in Bayelsa State using deep learning and climate data. International Journal of Advanced Research in Computer and Communication Engineering, 14(8), 58–101.
  26. Tabrizchi, H., & Kuchaki Rafsanjani, M. (2020). A survey on security challenges in cloud computing: Issues, threats, and solutions. The Journal of Supercomputing, 76(12), 9493–9532. Springer.
  27. Tianfield, H. (2012). Security issues in cloud computing. 2012 IEEE International Conference on Systems, Man, and Cybernetics (SMC) (pp. 1082–1089). IEEE.
  28. Timadi, M. E., & Obasi, E. C. M. (2025). Integrating zero-trust architecture with deep learning algorithm to prevent structured query language injection attack in cloud database. University of Ibadan Journal of Science and Logics in ICT Research, 13(1), 52–62.
  29. Tripathy, D., Gohil, R., & Halabi, T. (2020, May). Detecting SQL injection attacks in cloud SaaS using machine learning. In Proceedings of the 2020 IEEE 6th International Conference on Big Data Security on Cloud (BigDataSecurity), High Performance and Smart Computing (HPSC) and Intelligent Data & Security (IDS) (pp. 145–150). IEEE.
  30. Uwagbole, S. O., Fan, L., & Buchanan, W. J. (2017). Applied machine learning predictive analytics to SQL injection attack detection and prevention. In 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM) (pp. 1087–1090). IEEE.
  31. UNSW-NB15 Dataset. (2023). University of New South Wales. Available at: https://research.unsw.edu.au/projects/unsw-nb15-dataset.
  32. Xu, Z., Ray, S., Subramanyan, P., & Malik, S. (2017). Malware detection using machine learning-based analysis of virtual memory access patterns. In Proceedings of the 2017 Design, Automation and Test in Europe (DATE 2017) (pp. 169–174). IEEE.
Index Terms

Computer Science
Information Sciences

Keywords

Cloud Database Security SQL Injection Detection Malware Detection Zero Trust Access Control Feedforward Neural Network (FFNN) Random Forest Classifier Data Encryption Anomaly Detection.

Powered by PhDFocusTM