SQL Injection Practice Test File (CSV)
=====================================

This synthetic dataset is designed for machine learning-based SQL Injection detection.
Each row represents a web request log entry analyzed for potential injection behavior.

Label:
0 = Normal Web Request
1 = SQL Injection Attack

Column Descriptions:

timestamp_utc
Timestamp of the web request in UTC.

source_ip
IP address of the request origin.

http_method
HTTP request method (GET or POST).

endpoint
The targeted web application endpoint (e.g., /login, /search, /api).

payload_length
Length of the request payload. SQL injection attacks often have longer payloads.

sql_keyword_count
Number of SQL-related keywords detected in the request (e.g., SELECT, UNION, DROP).

special_char_count
Count of special characters (' -- ; = OR) commonly used in injection payloads.

request_entropy
Entropy score of the request payload. Higher entropy may indicate obfuscated or malicious input.

failed_login_attempts
Number of failed login attempts associated with the request session.

response_code
HTTP response status code returned by the server.

user_agent_type
Generalized user agent category (browser or bot-like behavior).

suspicious_pattern_flag
Indicates whether known suspicious injection patterns were detected.

Suggested ML Use:
- Binary Classification (Normal vs SQL Injection)
- Web Application Firewall (WAF) AI training
- Anomaly Detection on web traffic logs