Model Card for Model ID

Based on google/mobilebert-uncased (MobileBERT is a thin version of BERT_LARGE, equipped with bottleneck structures and a carefully designed balance between self-attention and feed-forward networks). This model detects SQL injection attacks in the input string (see "How to Get Started with the Model" below). It is a very lightweight model (100 MB) and can be used for edge computing use cases. It uses a dataset from Kaggle called SQl_Injection. Please test the model before deploying it into any environment. Contact us for more info: [email protected]

Code Repo

Here is the code repo: https://github.com/cssupport23/AI-Model---SQL-Injection-Attack-Detector

Model Details

Model Description

Model Sources

Please refer to google/mobilebert-uncased for model sources.

How to Get Started with the Model

Use the code below to get started with the model.

import torch
from transformers import MobileBertTokenizer, MobileBertForSequenceClassification


device = torch.device('cuda' if torch.cuda.is_available() else 'cpu')
tokenizer = MobileBertTokenizer.from_pretrained('google/mobilebert-uncased')
model = MobileBertForSequenceClassification.from_pretrained('cssupport/mobilebert-sql-injection-detect')
model.to(device)
model.eval()

def predict(text):
    inputs = tokenizer(text, padding=False, truncation=True, return_tensors='pt', max_length=512)
    input_ids = inputs['input_ids'].to(device)
    attention_mask = inputs['attention_mask'].to(device)

    with torch.no_grad():
        outputs = model(input_ids=input_ids, attention_mask=attention_mask)

    logits = outputs.logits
    probabilities = torch.softmax(logits, dim=1)
    predicted_class = torch.argmax(probabilities, dim=1).item()
    return predicted_class, probabilities[0][predicted_class].item()


#text = "SELECT * FROM users WHERE username = 'admin' AND password = 'password';"
#text = "select * from users where username = 'admin' and password = 'password';"
#text = "SELECT * from USERS where id  =  '1' or @ @1  =  1 union select 1,version  (    )   -- 1'"
#text = "select * from data where id  =  '1'  or @"
text = "select * from users where id  =  1 or 1#\"?  =  1 or 1  =  1 -- 1"
predicted_class, confidence = predict(text)

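# predicted_class is the integer argmax label (0 or 1), not a probability.
# Class 1 is the "SQL injection" label in this example.
if predicted_class == 1: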
    print("Prediction: SQL Injection Detected")
else:
    print("Prediction: No SQL Injection Detected")
    
print(f"Confidence: {confidence:.2f}")
# OUTPUT
# Prediction: SQL Injection Detected
# Confidence: 1.00
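
The card asks you to test the model before deploying it. The following is an added example, not code from the model's authors: a small harness that scores any `predict(text)` function with the same return shape as the one above against your own labelled strings and reports misses and false positives at a chosen threshold. It assumes a two-class model where class 1 means injection; `stub_predict`, `SAMPLES` and the 0.7 default threshold are hypothetical stand-ins so the block runs offline.

```python
from typing import Callable, Iterable, Tuple

# Assumption (inferred from the card's sample output): label 1 = injection, 0 = benign.
INJECTION = 1

def injection_probability(predicted_class: int, confidence: float) -> float:
    """Turn predict()'s (argmax class, its probability) into P(injection) for a 2-class model."""
    return confidence if predicted_class == INJECTION else 1.0 - confidence

def evaluate(predict: Callable[[str], Tuple[int, float]],
             samples: Iterable[Tuple[str, int]],
             threshold: float = 0.7) -> dict:
    """Score labelled (text, label) pairs; return confusion counts, rates and missed inputs."""
    tp = fp = tn = fn = 0
    missed = []
    for text, label in samples:
        flagged = injection_probability(*predict(text)) >= threshold
        if flagged and label == INJECTION:
            tp += 1
        elif flagged:
            fp += 1
        elif label == INJECTION:
            fn += 1
            missed.append(text)  # keep misses for manual review
        else:
            tn += 1
    return {
        "tp": tp, "fp": fp, "tn": tn, "fn": fn,
        "recall": tp / (tp + fn) if tp + fn else 0.0,
        "false_positive_rate": fp / (fp + tn) if fp + tn else 0.0,
        "missed": missed,
    }

# Constructed labelled set; the first string is the card's own flagged example.
SAMPLES = [
    ("select * from users where id  =  1 or 1#\"?  =  1 or 1  =  1 -- 1", 1),
    ("SELECT * FROM users WHERE name = '' OR '1'='1';", 1),
    ("SELECT name FROM products WHERE category = 'books';", 0),
    ("what were total sales last quarter", 0),
]

def stub_predict(text: str) -> Tuple[int, float]:
    """Hypothetical stand-in for the card's predict(); replace it with the real function."""
    return (1, 0.95) if " or " in text.lower() else (0, 0.90)

if __name__ == "__main__":
    print(evaluate(stub_predict, SAMPLES))
```

Pass the card's `predict` in place of `stub_predict` and use samples drawn from your own application's traffic, including benign queries that resemble the natural-language-to-SQL use case.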

Uses

[More Information Needed]

Direct Use

Could be used in applications where natural language is to be converted into SQL queries. [More Information Needed]

Out-of-Scope Use

[More Information Needed]

Bias, Risks, and Limitations

[More Information Needed]

Recommendations

Users (both direct and downstream) should be made aware of the risks, biases and limitations of the model. More information needed for further recommendations.

Technical Specifications

Model Architecture and Objective

google/mobilebert-uncased

Compute Infrastructure

Hardware

one P6000 GPU

Software

PyTorch and Hugging Face

Disclaimer

Educational/Informational Use Only

This model is provided solely for educational or informational purposes. It is not intended to be used for malicious activities or any other unlawful behavior.

No Warranty

This model is provided on an "as is" basis, without warranties or conditions of any kind, whether express or implied. We make no guarantees regarding its accuracy, reliability, or performance. Use of this model is at your own risk.

Limitation of Liability

Under no circumstances shall the creators, maintainers, or contributors of this model be held liable for any direct, indirect, incidental, special, exemplary, or consequential damages (including but not limited to procurement of substitute goods or services; loss of use, data, or profits; or business interruption) arising out of the use or inability to use this model, even if advised of the possibility of such damage.

No Responsibility for Outcomes

We are not responsible for any damages, security breaches, or other issues that may result from using this model. If the model fails to detect certain SQL injection attacks or produces false positives, we will not be held liable for any consequences arising from such outcomes.

User Responsibility

By using or downloading this model, you agree to be solely responsible for compliance with all applicable laws and regulations. Any misuse of this model, including using it to facilitate or commit malicious activities, remains the sole responsibility of the user.
