AI-POWERED SYSTEM FOR NETWORK ACTIVITY MONITORING AND DETECTION OF SQL INJECTION ATTACKS USING ZABBIX AND GRAFANA
DOI:
https://doi.org/10.54309/IJICT.2025.23.3.004
Keywords:
SQL injection, WAF, OWASP, Zabbix, Grafana, AI, Network
Abstract
Timely and accurate detection of SQL injection attacks is not an easy problem. It is essentially an online pattern-matching task that requires constant monitoring of huge volumes of network traffic and fast inference about tiny anomalies. To automate this task, we design and implement an intelligent monitoring system that combines Zabbix for data ingestion, Grafana for interactive visual analysis, and machine learning models for activity classification. The system continuously pulls raw network flows through Zabbix agents placed at strategic ingress and egress points. Collected metrics (HTTP request patterns, query payload entropy, anomalous response latency, etc.) are then passed to an optional pre-processing module, which applies feature engineering and dimensionality reduction.
An ensemble of a gradient-boosted decision tree and a recurrent neural network then assigns a real-time probabilistic SQL-injection risk score to each session. Events with a score above a pre-set threshold are simultaneously logged to Zabbix, plotted on Grafana dashboards, and routed to security orchestration playbooks for action. This closed feedback loop greatly reduces mean time to detection (MTTD) and mean time to response (MTTR), so that security analysts actively respond to high-risk events while benign noise is filtered out automatically.
Experimental validation on a labeled dataset of 5.2 million HTTP transactions reports 97.3 % recall and 1.8 % false positives, improving over the signature-based baseline monitors by more than 12 percentage points on F1-score. Production-quality deployment tests also verify near-zero overhead (<2 % CPU, <50 MB RAM) on the monitored hosts. The proposed system thus provides an efficient, scalable, and adaptive solution for protecting enterprises against SQL-injection attacks with AI-based monitoring.
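The following is an added example, not code from the paper: one way the pre-processing stage could turn request records into per-session features such as query payload entropy and response latency. The record layout, the token list and the max-per-session aggregation are assumptions, since the page does not specify the paper's feature set.

```python
import math
from collections import Counter, defaultdict
from urllib.parse import urlsplit, unquote_plus

# Constructed sample: (session id, request target, response latency in ms).
SAMPLE_REQUESTS = [
    ("s1", "/item?id=42", 31.0),
    ("s1", "/item?id=43&sort=price", 29.0),
    ("s2", "/item?id=42", 33.0),
    ("s2", "/item?id=1%27%20OR%20%271%27%3D%271%27--", 412.0),
]

# Assumed token list for this sketch; not taken from the paper.
SQL_TOKENS = ("'", "--", ";", " or ", " and ", "union", "select", "sleep(")


def shannon_entropy(text):
    """Shannon entropy of the character distribution, in bits per character."""
    if not text:
        return 0.0
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in Counter(text).values())


def request_features(target, latency_ms):
    """Per-request features computed on the URL-decoded, lowercased query string."""
    payload = unquote_plus(urlsplit(target).query).lower()
    hits = sum(payload.count(tok) for tok in SQL_TOKENS)
    return {"entropy": shannon_entropy(payload), "sql_tokens": hits,
            "latency_ms": latency_ms}


def session_features(requests):
    """One feature row per session: the maximum of each feature over its requests."""
    rows = defaultdict(lambda: {"entropy": 0.0, "sql_tokens": 0,
                                "latency_ms": 0.0, "requests": 0})
    for session, target, latency_ms in requests:
        row = rows[session]
        for key, value in request_features(target, latency_ms).items():
            row[key] = max(row[key], value)
        row["requests"] += 1
    return dict(rows)


if __name__ == "__main__":
    for session, row in sorted(session_features(SAMPLE_REQUESTS).items()):
        print(session, row)
```

In this constructed sample the benign session s1 has the higher payload entropy, while s2 stands out on token count and latency, which is why entropy is fed to a classifier alongside other features instead of being thresholded alone.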
License
Copyright (c) 2025 INTERNATIONAL JOURNAL OF INFORMATION AND COMMUNICATION TECHNOLOGIES

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
https://creativecommons.org/licenses/by-nc-nd/3.0/deed.en