Performance Analysis of a Hybrid Autoencoder-TCN Model for SQLi Detection: Accuracy, Efficiency and Generalizability

Abstract

Structured Query Language Injection (SQLi) attacks remain a critical cybersecurity threat, exploiting vulnerabilities in web applications to compromise database integrity and confidentiality. Traditional detection methods, such as rule-based systems and conventional machine learning models, face limitations in generalizing to novel attack patterns and preserving sequential query context. This study proposes a novel hybrid deep learning architecture integrating autoencoders, tokenization, and Temporal Convolutional Networks (TCNs) to address these challenges. The framework employs SQL-aware tokenization to parse queries into syntactic units, an autoencoder to learn latent representations of benign query patterns, and a TCN to model temporal dependencies in token sequences. By combining anomaly detection (via reconstruction error) with temporal analysis, the model identifies both known and zero-day SQLi attacks with high precision. Evaluated on a labeled dataset of 10,000 SQL queries (1,200 malicious, 8,800 benign), the proposed approach achieves 95.5% accuracy, 94.0% F1-score, and 95.5% recall, outperforming baseline models such as CNNs, LSTMs, and standalone autoencoders. The TCN’s parallel processing capability reduces inference latency by 32% compared to recurrent architectures, making it suitable for real-time deployment. Furthermore, tokenization enables interpretability by localizing malicious query segments, aligning with regulatory demands for explainable AI in cybersecurity. This work advances SQLi detection by bridging gaps in temporal modeling, computational efficiency, and generalization, offering a scalable solution for securing web applications against evolving injection threats.