Reddy S.A.Rudra B.2021-05-052021-05-0520212021 IEEE 11th Annual Computing and Communication Workshop and Conference, CCWC 2021 , Vol. , , p. 936 - 941https://doi.org/10.1109/CCWC51732.2021.9376034https://idr.nitk.ac.in/handle/123456789/14785Application programming interfaces (APIs) are a vital part of every online business. APIs are responsible for transferring data across systems within a company or to the users through the web or mobile applications. Security is a concern for any public-facing application. The objective of this study is to analyze incoming requests to a target API and flag any malicious activity. This paper proposes a solution using sequence models to identify whether or not an API request has SQL, XML, JSON, and other types of malicious injections. We also propose a novel heuristic procedure that minimizes the number of false positives. False positives are the valid API requests that are misclassified as malicious by the model. © 2021 IEEE.Conference Paper