SQL-GUARD: AUTOMATED SQL

INJECTION DETECTION

MINOR PROJECT REPORT

SUBMITTED IN PARTIAL FULFILMENT OF THE REQUIREMENTS FOR

THE AWARD OF THE DEGREE OF

BACHELOR OF TECHNOLOGY
(Information Technology)

Submitted By: Submitted To.:

Rajanjot Singh (2203877) Dr.Sachin Bagga

Rahul Sharma (2203876) Assistant Professor
Manjot Singh (2203852) Minor Project Coordinator

Department of Information Technology,

Guru Nanak Dev Engineering College,
Ludhiana-141006
 ABSTRACT

The increasing frequency and severity of SQL injection attacks have made web application
security a top priority for organizations. This project, SQL-Guard: Automated SQL
Injection Detection is designed to analyze web request data and automatically detect
potential SQL injection attacks. Implemented using Flask, this tool allows users to upload
network request logs in CSV format and then analyzes them for common SQL injection
patterns. The tool extracts useful details such as source IP addresses, the count of detected
SQLi attempts, the first and last malicious requests, and potential payload formatting
issues.

Additionally, SQL-Guard is platform-independent and lightweight, built entirely with

open-source tools. It can be run locally or deployed on cloud environments with minimal
setup. The lack of a database backend further ensures a faster and more secure operation
without persistence concerns.

Through this project, we aim to contribute a lightweight yet effective defense mechanism to
bolster web application security against SQL injection threats. The scope of this tool can
be extended further to incorporate detection of other web attacks such as XSS or CSRF,
and can potentially integrate with real-time security monitoring systems.

1
 ACKNOWLEDGEMENT

We are highly grateful to Dr. Sehijpal Singh, Principal, Guru Nanak Dev Engineering
College (GNDEC), Ludhiana, for providing this opportunity to carry out the minor project
work at the campus.

The constant guidance and encouragement received from Dr. K.S. Maan, H.O.D., IT
Department, GNDEC Ludhiana, has been of great help in carrying out the project work
and is acknowledged with reverential thanks.

We would like to express a deep sense of gratitude and thanks profusely to Dr.Sachin Bagga
, without his wise counsel and able guidance, it would have been impossible to complete
the project in this manner.

We express gratitude to other faculty members of the Information Technology Department

of GNDEC for their intellectual support throughout the course of this work.

Finally, we are indebted to all whosoever have contributed in this report work.

Rajanjot Singh
Rahul Sharma
Manjot Singh

2
 LIST OF FIGURES

Figure No. Name Page No.

3.5 FlowChart 23
4.1 Upload page 25
4.1 Result Page 25

3
 TABLE OF CONTENTS

Contents Page No.

Abstract i
Acknowledgement ii
List of Figures iii
Table of Contents iv

Chapter 1: Introduction 5–10

1.1 Introduction to Project
1.2 Objectives
1.3 Problem Formulation
1.4 Recognition of Need
1.5 Proposed System
1.6 Unique Features of the System

Chapter 2: Requirement Analysis and System Specification 11–17

2.1 Feasibility Study
2.2 Software Requirement
2.3 Functional Requirement
2.4 Validation Process
2.5 Potential Challenges and Mitigation

Chapter 3: System Design 18–24

3.1 Design Approach
3.2 System Components
3.3 User Requirement
3.4 User Interface Design
3.5 Flowchart
3.6 Methodology

Chapter 4: Results and Discussions 25–26

4.1 User Interface Representation
4.2 Modules Description

Chapter 5: Conclusion and Future Scope 27*28

References/Bibliography

4
CHAPTER 1: INTRODUCTION

1.1 Introduction to Project

In the digital age, the rapid proliferation of web applications has led to an increased risk of cyber
threats. Among the most dangerous and commonly exploited vulnerabilities is SQL injection
(SQLi), which allows attackers to interfere with the queries that an application makes to its
database. This form of attack can lead to unauthorized access to sensitive data, data loss, or even
complete control over a compromised system.

”SQL-Guard: Automated SQL Injection Detection” is a security-focused web application designed

to address this issue by automatically identifying SQL injection attempts from HTTP traffic
logs provided in CSV format. The tool uses pattern recognition, keyword analysis, and heuristic
scanning techniques to detect suspicious request payloads indicative of SQL injection. By allowing
security teams or administrators to upload CSV files containing HTTP request logs, the system
analyzes and identifies potential threats in a matter of seconds.

Developed using Python and the Flask web framework, SQL-Guard provides a lightweight and
user-friendly interface for detection without the need for complex setup or database integration.
This makes it especially suitable for educational institutions, small businesses, or individual de-
velopers who require basic protection but lack access to advanced commercial intrusion detection
systems.

Through automation and simplicity, this project aims to minimize human error, reduce analysis
time, and provide a foundation for future integration with more advanced monitoring tools and
machine learning systems. Ultimately, SQL-Guard is not only a practical utility for basic SQL
injection detection, but also a stepping stone for further exploration into web application security.

5
1.2 Objectives
1. To extract and analyse attack data by identifying the attacker’s IP and counting SQL
injection attempts to improve cybersecurity monitoring and response..

2. To automate SQL Injection detection by creating a Python tool that scans network logs
(CSV files) to find attacks making threat detection faster for SOC (Security Operations
Centre) analysts.

6
1.3 Problem Formulation
Web applications are increasingly becoming the backbone of modern business operations, offering
services that range from e-commerce to online banking. However, this convenience comes with a
significant security risk—SQL Injection (SQLi), one of the most prevalent and dangerous forms
of web-based attacks. SQLi allows malicious actors to manipulate database queries by injecting
specially crafted inputs, which can result in unauthorized data access, modification, or deletion.

Traditional methods of detecting SQL injection attacks often rely on manual inspection of server
logs or the deployment of complex, enterprise-level intrusion detection systems. These approaches
are either time-consuming, error-prone, or financially unfeasible for smaller organizations and
developers.

The core problem, therefore, is the lack of an accessible, automated, and easy-to-use tool that
can efficiently detect SQL injection attempts from web server logs or request data. Without such
a tool, there is a risk of delayed detection, data breaches, and compromised systems.

This project aims to solve this problem by developing a lightweight, web-based solution—SQL-
Guard—that automates the process of detecting potential SQL injection payloads from uploaded
CSV logs. By providing a simple interface and using pattern-matching techniques, SQL-Guard
enables users to perform preliminary security analysis quickly and without requiring advanced
cybersecurity expertise.

1.4 Recognition of Need

In today’s digital world, almost every organization uses websites or web applications to pro-
vide services, store information, or communicate with users. These web applications often use
databases to store user data, login details, messages, and other important information. But if the
application is not designed carefully, it can become an easy target for hackers.

One of the most common ways hackers try to break into websites is through SQL Injection attacks.
In this type of attack, the hacker enters special code into input fields (like login boxes or search
bars) to trick the website into revealing or changing data in the database. This can lead to serious
problems like leaking passwords, deleting information, or even taking full control of the website.

Even though SQL injection is a well-known threat, many small organizations or student projects
do not have advanced tools or professional security experts to protect their websites. They may
not be able to afford costly security systems or spend time manually checking server logs for signs
of attacks.

7
Because of this, there is a need for a simple, low-cost tool that can help detect SQL injection
attacks automatically. The tool should be easy to use, even for beginners, and should not require
deep technical knowledge.

Our project, SQL-Guard, was created to solve this problem. It lets users upload logs in CSV
format and automatically checks for suspicious SQL injection patterns. This makes it easier for
students, small teams, or anyone managing a web application to spot possible security issues early
and take action before any damage is done.

• In short, the need for this project arises from:

• The increasing number of SQL injection attacks,

• The lack of easy tools for beginners and small teams,

• And the importance of keeping web applications safe and secure.

1.5 Proposed System

To overcome the limitations of manual log inspection and the high cost of advanced security tools,
we propose a simple, web-based solution called SQL-Guard. This system is designed to help users
detect possible SQL injection attacks by analyzing HTTP request logs that are saved in a CSV
file format.

The main idea of the proposed system is to make SQL injection detection fast, automated, and
user-friendly. It is especially helpful for students, small businesses, and developers who may not
have access to professional tools or cybersecurity experts.

How it works:

• The user uploads a CSV file containing web request data.

• The system scans each request for suspicious patterns and keywords that are commonly
used in SQL injection attacks (like SELECT, DROP, UNION, OR 1=1, –, etc.).

• Once the scan is complete, the system shows the results on a clean and simple webpage.
This includes the number of suspicious requests, their details (IP address, payload, etc.),
and when they were first and last seen.

• The system is built using Flask, a lightweight Python web framework, and does not require
a database to run, which keeps it fast and easy to deploy.

8
Main Features of the Proposed System:

• Fully automatic SQL injection detection using pattern matching.

• Web interface to upload CSV logs and view results.

• No database needed – making it lightweight and simple.

• Provides detailed insights like attack count, source IP, and suspected payloads.

• Designed to be used by both technical and non-technical users.

The goal of the proposed system is to offer a low-cost, quick-to-use solution for identifying SQL
injection attacks and improving the overall security awareness of users managing web applications.
It acts as a stepping stone for better protection and encourages safe coding practices.

1.6 Unique Features of the System

The proposed system, SQL-Guard, offers several unique features that make it a useful and
practical tool for detecting SQL injection attacks. These features are designed to make the tool
simple, fast, and effective for users with or without technical backgrounds.

• Automatic SQL Injection Detection: The system can automatically scan uploaded
CSV files and detect potential SQL injection attempts using pattern matching, without
any manual effort.

• Simple Web Interface: The user interface is clean and easy to use. Users can upload
files and view results within seconds. No command-line knowledge is needed.

• Lightweight and Fast: Built with Python and Flask, the application runs quickly and
uses minimal system resources. It can be hosted locally or on the cloud with ease.

• Detailed Report Generation: After analyzing the CSV file, the system shows useful
details such as:

– Total number of suspected SQLi attacks

– IP addresses from which attacks originated

– First and last occurrence of the attack

– Suspicious request strings (payloads)

• Platform Independent: Since it is developed in Python and runs on a web browser, it

can be used on any operating system (Windows, macOS, or Linux).

9
• Beginner-Friendly: No advanced setup is required. The tool is designed to help students,
developers, and small teams who may not be security experts.

• Open Source and Customizable: The system is developed using open-source technolo-
gies and can be modified or expanded easily for future use or learning purposes

10
CHAPTER 2: Requirement Analysis and System
Specification

2.1 Feasibility Study

Before developing any software system, it is important to check whether the project is practical
and beneficial. The feasibility of the SQL-Guard project has been evaluated on three key aspects:
technical, economic, and operational. Each of these is explained below..

a) Technical Feasibility

• The SQL-Guard project is technically feasible and can be implemented using simple and
proven technologies. The main components of the system include the Python programming
language, Flask web framework, and built-in or lightweight libraries like csv, re (regular
expressions), and pandas.

• These tools are well-documented, reliable, and widely supported across platforms, making
them an excellent choice for developing a security analysis tool. The system performs
pattern matching to identify SQL injection attempts in uploaded log files, and this task
does not require complex algorithms or heavy processing power.

• Furthermore, the system does not require any database, which simplifies the architecture
and reduces technical dependencies. It can be easily run on any standard computer without
special hardware, making it technically practical for small teams, educational institutions,
or individual developers.

b) Economic Feasibility

• The project is highly economical because it relies entirely on open-source technologies.

There is no need to purchase licenses or invest in costly third-party software. Tools like
Python and Flask are free to use and have large community support, which makes devel-
opment easier and more cost-effective.

• The hardware requirements are minimal, and the application can be run on existing sys-
tems or hosted on free/low-cost cloud platforms if needed. As a result, the overall cost of
development and deployment is very low.

• Moreover, if this tool is used in a real-world environment such as a Security Operations

Center (SOC), it can significantly reduce manual analysis time and labor costs. By auto-
matically detecting SQL injection patterns in logs, the tool reduces the workload of analysts,

11
 helps prevent attacks earlier, and minimizes potential damage, thus saving money in the
long run..

c) Operational Feasibility

• From an operational perspective, the system is designed to be simple, efficient, and easy to
use. It has a user-friendly web interface that allows users to upload a log file and view the
analysis results immediately. There is no need for deep technical knowledge, which makes
the system accessible to both beginners and experienced users.

• The tool can be smoothly integrated into existing security workflows, especially in environ-
ments where log analysis and threat monitoring are already taking place. SOC analysts
and developers can use this system to quickly identify suspicious SQL injection attacks,
generate reports, and take action accordingly.

• Since the tool does not require complex installation or setup, it can be used immediately
after deployment with very little training. Its lightweight design ensures it can run efficiently
without interfering with other systems or requiring constant maintenance.

Conclusion of Feasibility Study:

Overall, the project is feasible in all aspects. It is technically sound, cost-effective, and opera-
tionally easy to adopt. These factors make SQL-Guard a practical and valuable tool for detecting
SQL injection attacks and enhancing web application security.

2.2 System Requirements

The SQL-Guard project is lightweight and does not require high-end hardware or complex software
environments.
The following system requirements must be fulfilled for successful development, deployment, and
operation of the application.

2.2.1 Hardware Requirements

Component Minimum Requirement

Operating System Windows 10 or 11
Processor Intel Core i3 or equivalent)
RAM 4 GB or higher
Storage Minimum 100 MB of free disk space
Display Standard monitor (resolution 1366x768 or higher)
Input Devices Keyboard and Mouse

12
2.2.2 Software Requirements

Component Specification
Operating System Windows 10/11, Linux, or macOS
Programming Language Python 3.8 or above
Web Framework Flask (Python-based web framework)
Libraries/Packages pandas, csv, re, flask
Text Editor / IDE Visual Studio Code / PyCharm / Sublime
Web Browser Chrome, Firefox, or Edge (latest version)

2.2.3 Additional Requirements

• Python package manager (pip) for installing dependencies

• Internet connection (optional, for downloading packages or hosting online)

This setup ensures that the system is accessible to users with basic computing environments,
making it a practical tool for students, developers, and small organizations alike.

2.3 Functional Requirements

The functional requirements define what the system should do and how it should behave in
response to user inputs. These are the essential features that the SQL-Guard application must
fulfill to achieve its objectives.

Below are the key functional requirements of the system:

1. File Upload Functionality

• The system shall allow the user to upload a .CSV file containing web traffic logs or
HTTP request records.

• The uploaded file should be validated for format and size before processing.

2. SQL Injection Detection

• The system shall scan each entry in the CSV file for suspicious patterns and SQL
keywords (such as SELECT, DROP, OR 1=1, –, etc.).

• Pattern matching will be done using regular expressions to identify potential SQL
injection attacks.

3. Display of Results

• The system shall display the following results on the web interface:

13
 – Number of detected suspicious entries

– Details of each suspicious request (e.g., IP address, suspicious query)

– Time of first and last detection

– Summary report of threats found

4. User Interface

• The system shall provide a user-friendly web interface using HTML templates rendered
via Flask.

• The interface will include pages for uploading files, viewing results, and navigating
through detected threats.

5. Security and Input Validation

• The system shall validate user input to prevent incorrect file types or malicious files
from being processed.

• File handling shall be secure to avoid any server-side vulnerabilities.

6. No Database Integration

• The system shall not use any database. All processing is performed in-memory during
the session.

• Results are displayed immediately after processing, and no data is stored permanently.

7. Download or Export Option (Optional/Future Feature)

• The system may include an option to export the detection report as a downloadable
text or CSV file (optional enhancement).

8. Platform Compatibility

• The system shall be compatible with major browsers and operating systems.

• The application must work locally or in a lightweight deployment environment (like a

local Flask server).

2.4 Validation Process

Validation is an essential step in the software development process to ensure that the system
performs correctly and meets the specified requirements. For SQL-Guard, the validation process
involves testing and confirming that the application can accurately detect SQL injection patterns
from uploaded CSV logs and produce reliable results.
The following methods and steps are used in the validation process:

14
• Input Validation

– The system checks whether the uploaded file is in the correct format (.csv).

– If an unsupported file format is uploaded (e.g., .txt, .pdf), the system displays an error
message.

– The file is also checked for empty rows or missing values to avoid processing errors.

– Example:

∗ Uploading a valid CSV → accepted and scanned

∗ Uploading a PDF or empty file → rejected with a friendly error

• Functional Validation
Each core feature of the system is validated to ensure it works as intended:

– File Upload: Confirmed to accept .csv and block other types

– Pattern Matching: Verified using test cases with known SQL injection payloads (e.g.,
”OR 1=1”, ”DROP TABLE”)

– Detection Output:Confirmed that suspicious entries are correctly flagged and displayed

• Result Accuracy Validation

– A set of sample log files (with both safe and malicious entries) were tested.

– The tool was expected to detect all malicious payloads while ignoring safe entries.

– The output was reviewed to ensure there were no false positives or negatives (within
the limits of pattern-based detection).

• User Interface Validation

– The user interface was tested for responsiveness and clarity.

– All elements (upload button, result section, error messages) were verified for proper
functioning.

• Boundary Testing

– The system was tested with very small and very large CSV files to ensure stability.

– It handled large files with several hundred lines without crashing or freezing.

• Manual Cross-Check

– Outputs from the tool were cross-verified with manual inspection of the same CSV
data.

– This helped ensure that the tool correctly highlights genuine SQL injection patterns.

15
 • No Persistent Data Validation

– Since the tool does not store data, it was verified that uploaded files are not saved
and results disappear after session ends.

After multiple rounds of testing, SQL-Guard was found to meet its functional and usability goals.
While advanced AI/ML-based detection could improve accuracy further, the current implemen-
tation effectively serves its purpose as a lightweight detection tool.

2.5 Potential Challenges and Mitigation Strategies

During the design and development of the SQL-Guard project, several challenges may arise that
could affect the functionality, accuracy, or usability of the system.
This section identifies those potential issues and outlines the strategies adopted to reduce or
eliminate their impact.

• Inaccurate Detection (False Positives/Negatives)

– Challenge: Pattern-based SQL injection detection can sometimes misclassify legiti-

mate queries as threats (false positives), or fail to detect cleverly disguised attacks
(false negatives).

– Mitigation Strategy:

∗ Refine regular expression patterns based on common and evolving SQLi tech-
niques.

∗ Use a whitelist/blacklist approach to improve accuracy.

∗ In future versions, consider integrating basic ML models or anomaly detection

techniques.

• Limited Coverage of Attack Vectors

– Challenge: The system currently scans only predefined patterns and may not recognize
newer or less common SQL injection methods.

– Mitigation Strategy:

∗ Maintain an updatable list of attack signatures.

∗ Provide documentation for users to customize or expand the detection patterns.

• Scalability for Large Log Files

– Challenge: Processing very large CSV files with thousands of rows may slow down the
system or cause memory issues.

16
 – Mitigation Strategy:

∗ Use buffered or chunked reading techniques while parsing files.

∗ Set file size limits and alert users if the input exceeds optimal limits.

• No Real-Time Detection

– Challenge: SQL-Guard is a passive detection tool that analyzes logs offline, not real-
time traffic.

– Mitigation Strategy:

∗ Position SQL-Guard as a post-event analysis tool.

∗ Suggest integration into a pipeline that periodically exports server logs for auto-
mated analysis.

• User Input Errors

– Challenge: Users may upload the wrong file format, corrupted files, or files with
missing data.

– Mitigation Strategy:

∗ Implement robust front-end and back-end validations.

∗ Display user-friendly error messages and input guidelines on the upload page.

17
CHAPTER 3: SYSTEM DESIGN

3.1 Design Approach

The design approach defines how the system is structured, how the components interact, and the
methodology used to build the system. For the SQL-Guard project, the focus was on simplicity,
modularity, and ease of use. The design is based on a function-oriented model, where each
component performs a specific role in the data processing and detection pipeline.

The major goals of the design are:

• To create a lightweight and efficient tool for detecting SQL injection patterns in log files.

• To keep the system easy to maintain, test, and extend in the future.

• To ensure the system works without the need for a backend database or complex deployment
infrastructure.

Key Components of the Design

1. User Interface (Frontend)

• Built using HTML and CSS, rendered by Flask.

• Provides a simple upload form for the user to select and submit a CSV file.

• Displays the analysis results, including number of attacks detected, IP addresses, and
patterns found.

2. File Handler Module

• Validates the uploaded file for correct format (.csv).

• Parses the file and extracts relevant fields such as IP address, request content, and
timestamps.

3. Detection Engine

• Core logic of the application

• Uses regular expressions (regex) to scan each request for known SQL injection key-
words and patterns (e.g., ’OR 1=1’, ’–’, ’DROP’, ’UNION’).

• Flags and stores any suspicious records.

4. Result Generator

• After scanning, it compiles a summary report.

18
 • Displays metrics such as total suspicious entries, IP addresses involved, and first/last
occurrence.

• Presents results in a readable format via the web interface.

5. Flask Backend Server

• Manages request routing, file handling, and HTML rendering.

• Lightweight and capable of running locally or on cloud platforms.

3.2 System Components

The SQL-Guard system is composed of several simple but well-coordinated components, each
responsible for a specific task. These components work together to ensure that the application
can detect SQL injection patterns in web traffic logs and present the results to the user effectively.

1. User Interface (UI)

• Developed using HTML and styled with CSS, the UI provides a clean and user-friendly
experience.

• Allows the user to upload .csv log files easily.

• Displays the results of SQL injection detection in a structured and readable format.

2. File Upload Handler

• This component is responsible for validating and securely handling uploaded files.

• It checks the file format (ensures it is .csv) and handles errors such as missing files or
unsupported formats.

• Once validated, the file is passed on to the detection engine for analysis.

3. CSV Parser

• Reads the uploaded CSV file and extracts relevant data such as:

– IP addresses

– Request content (URL, query parameters, etc.)

– Timestamps

• Ensures data is properly formatted and handles missing or corrupted entries gracefully.

19
4. SQL Injection Detection Engine

• This is the core component of the system.

• Uses a set of predefined regular expression (regex) patterns to scan for common SQL injec-
tion indicators (e.g., OR 1=1, –, SELECT, UNION, DROP),

• Flags suspicious entries and stores them for result generation.

5. Result Generator

• Compiles the output after scanning and highlights:

– Total number of detected suspicious entries

– Unique IPs involved

– First and last detection timestamps

– Suspicious payloads

• Prepares the results for display on the frontend.

6. Flask Application Server

• Acts as the glue between frontend and backend.

• Manages routing (e.g., file upload, results page), handles HTTP requests, and connects
components.

• Uses Flask’s templating engine (Jinja2) to render HTML pages.

3.3 User Requirements

User requirements describe what the end-users expect from the system in terms of functionality,
usability, and performance. These requirements ensure that the system meets the needs of the
target audience—primarily students, developers, security analysts, or administrators handling
web traffic logs.

• Easy File Upload Interface:

Users should be able to upload a .csv file containing HTTP request logs through a simple
and clean web form without needing any technical knowledge.

• Quick and Accurate Analysis:

Users expect the system to quickly scan the uploaded file and accurately detect SQL injec-
tion patterns without needing to configure detection rules manually.

20
 • Clear and Readable Output:
The results should be presented clearly, showing:

– Number of suspicious entries

– IP addresses associated with potential attacks

– Suspicious request strings (payloads)

– First and last seen timestamps for each threat

• No Complex Setup Required:

Users should be able to run the application on any standard computer without installing a
database or configuring complex environments.

• Lightweight and Fast:

The tool should consume minimal system resources and run efficiently even on low-end
devices.

• Browser Compatibility:
Users should be able to access the tool on any modern web browser such as Chrome, Firefox,
or Edge.

• Security and Input Validation

Users expect the application to validate the uploaded files and prevent the execution of
malicious code or unsupported formats.

3.4 User Interface Design

The user interface (UI) plays a critical role in ensuring the system is accessible and easy to use,
especially for users who may not have technical backgrounds. The UI for SQL-Guard is designed
to be clean, intuitive, and focused solely on the functionality of uploading log files and viewing
the results of SQL injection detection.

The interface is built using standard web technologies such as HTML, CSS, and Flask’s Jinja2
templating engine.

Key UI Elements:

• Home Page / Upload Page

– Contains a brief welcome message or system introduction.

– A central file upload form with the following elements:

∗ File input field (accepts only .csv files)

21
 ∗ Upload button

∗ Help text or tooltip explaining the expected format

• Validation Messages

– If the user tries to upload an invalid file (e.g., wrong format, empty file), the system
shows an error message.

– These messages are displayed using simple JavaScript or Flask messages.

– Example:

∗ “Invalid file format. Please upload a CSV file only.”

∗ “File uploaded successfully. Scanning in progress...”

• Result Page

– After analysis, this page displays a summary of detected threats

∗ Total number of suspicious entries

∗ List of suspicious IP addresses

∗ Associated suspicious request strings (payloads)

∗ First and last timestamps of the attacks

• Digital bill.

Admin Side

• Login-protected dashboard.

• Add/Edit/Delete menu items.

• Successfully view the orders.

• Track the sales monthly.

22
3.5 Flowchart

Figure i: System Flowchart

3.6 Methodology
The methodology outlines the systematic process followed in the design, development, and testing
of the SQL-Guard project. A structured methodology ensures that the system meets its goals,
works reliably, and can be easily maintained or improved in the future.

Step-by-Step Workflow:

1. Requirement Gathering: In the initial phase, we identified the core needs of users,
especially system administrators and security analysts. We gathered requirements such as:

• Detecting SQL injection attempts from log files

23
 • Keeping the interface simple

• Avoiding complex setups like databases or authentication systems

2. System Analysis: After defining the problem, we analyzed how SQL injection attacks
work, studied common patterns, and explored how such attacks appear in HTTP traffic or
log files. This helped us determine the key features the system must have and guided the
design of the detection engine.

3. System Design: We created the architecture of the system by dividing it into modular
components:

• File Upload Handler

• CSV Parser

• Detection Engine (using regex)

• Result Display Interface

4. Implementation: The system was implemented using:

• Python for backend logic

• Flask for web routing and HTML rendering

• HTML/CSS for the user interface

• Regular expressions for detecting SQLi patterns

5. Testing and Validation: We created test cases with both malicious and clean log data
to evaluate the accuracy and performance of the detection engine. We validated:

• File type handling

• Detection reliability

• Result accuracy

• Interface usability

24
CHAPTER 4:RESULTS AND DISCUSSIONS

4.1 User Interface Representation

The user interface (UI) of SQL-Guard has been designed with simplicity and clarity in mind.
Since the target users may range from students to security analysts, the interface focuses on ease
of use, minimal navigation, and clean presentation of data. The interface consists of two main
pages:

Workflow
1. Upload Page (Home Interface)
It allow the user to upload a CSV file containing HTTP request logs.

Figure ii: Upload page

2. Results Page (Detection Output Interface)

Purpose is to display analysis results after scanning the uploaded file.

Figure iii: Result page

25
4.2 Module Description

Technologies Used
• Python 3

• Flask

• HTML

• CSS

• re (Regular Expressions)

• csv module

• Visual Studio Code

26
CHAPTER 5:CONCLUSIONN AND FUTURE SCOPE

Conclusion
• In this project, we designed and developed SQL-Guard, a lightweight and user-friendly tool
for detecting SQL injection attempts from HTTP request logs in CSV format. SQL injection
remains one of the most critical and commonly exploited vulnerabilities in web applications,
and SQL-Guard provides a practical solution for identifying such threats without the need
for complex infrastructure or deep technical expertise.

• The application successfully allows users to upload CSV log files and automatically scans
each entry using pattern-matching techniques to detect suspicious SQL keywords and pay-
loads. Built using Python and Flask, the system ensures ease of use, portability, and quick
deployment across various platforms.

• Throughout the development lifecycle, we followed a structured methodology — from re-

quirements gathering and system design to implementation, testing, and validation. The
results confirmed that SQL-Guard is accurate for basic threat detection, performs reliably
across different inputs, and provides a clear visual report of findings.

• SQL-Guard achieves its goal of making security analysis more accessible and highlights the
importance of proactive measures against web-based attacks

Future Scope
• Future versions can integrate with live server logs or proxy tools to enable real-time SQL
injection detection instead of only static CSV file analysis.

• Implementing ML algorithms can improve detection accuracy by identifying advanced or

obfuscated SQL injection patterns beyond regular expressions.

• Adding features to export results as PDF/CSV and providing a visual dashboard can en-
hance usability and help users maintain security records more effectively.

27
Bibliography
• OWASP Foundation, “SQL Injection,” OWASP Top 10 Web Application Security Risks.
[Online]. Available: https://owasp.org/www-community/attacks/SQL_Injection.

• GeeksForGeeks, ”GeeksForGeeks ,” . [Online]. Available: https://www.geeksforgeeks.

org/.

• Open AI, ”Chat GPT - AI Language Model,” [Online]. Available: https://openai.com/

chatgpt.

28