An integrated AI-blockchain framework for securing web applications, mitigating SQL injection, model poisoning, and IoT spoofing attacks
Abstract
The rapid evolution of Web 4.0, characterized by decentralized systems, real-time data processing, and AI-driven interfaces, presents serious security threats such as SQL injection (SQLi) attacks, adversarial model poisoning, and IoT device spoofing. This paper presents a unified AI-blockchain framework designed to address these vulnerabilities, incorporating bidirectional LSTM networks for SQLi detection, Trimmed Mean aggregation with a reputation system for model poisoning defense, and CNN-based IoT authentication anchored to a decentralized blockchain. Evaluated on the Bitcoin OTC trust network, the framework shows outstanding performance, with SQLi detection achieving 96.2% accuracy (94.8% precision and 92.5% recall), far outperforming traditional rule-based systems such as Snort (82.1% accuracy). The success rate of model poisoning attacks is reduced from 78% (in the absence of defense) to just 12% through the application of Trimmed Mean aggregation and dynamic reputation scoring, while IoT spoofing detection attains a 91.3% F1-score through cosine similarity-based matching of network traffic embeddings. The blockchain layer, which uses Delegated Proof-of-Stake (DPoS) consensus, achieves 1,450 transactions per second (TPS) with a validation latency of only 220 milliseconds, ensuring efficient real-time auditability. Furthermore, user trust scores increased by 48% after implementation (4.3/5 vs. 2.9/5 before implementation), confirming the framework's practical impact. Nevertheless, some limitations persist, such as the 15% latency overhead due to federated learning and the use of synthetic IoT data, which may limit the framework's real-world applicability. The proposed combination of AI-based adaptive threat detection and blockchain-based tamper-proof transparency will pave the way for secure, user-focused architectures in Web 4.0, providing a scalable framework to address the evolving cyber threats in decentralized environments.
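As an added illustration (not code from the paper), the sketch below shows a coordinate-wise trimmed mean, a common form of the Trimmed Mean aggregation the abstract names, combined with a reputation score that eventually excludes a poisoning client. The reputation rule, thresholds, function names and sample updates are assumptions made for this example; the abstract does not specify them.

```python
# Added example: robust aggregation of federated-learning updates.
# The reputation rule and every threshold here are assumptions, not the paper's.

def plain_mean(updates):
    """Undefended baseline: one outlier shifts every coordinate."""
    return [sum(c) / len(c) for c in zip(*updates)]

def trimmed_mean(updates, trim):
    """Per coordinate: sort, drop the `trim` lowest and highest values, average the rest."""
    n = len(updates)
    if n <= 2 * trim:
        raise ValueError("need more than 2*trim client updates")
    agg = []
    for coord in zip(*updates):
        kept = sorted(coord)[trim:n - trim]
        agg.append(sum(kept) / len(kept))
    return agg

def l2(a, b):
    return sum((x - y) ** 2 for x, y in zip(a, b)) ** 0.5

def update_reputation(rep, updates, agg, tol, decay=0.5, gain=0.1):
    """Hypothetical rule: halve the score of clients far from the robust
    aggregate; let the others recover slowly, capped at 1.0."""
    new = {}
    for cid, upd in updates.items():
        old = rep.get(cid, 1.0)  # unseen clients start fully trusted
        new[cid] = old * decay if l2(upd, agg) > tol else min(1.0, old + gain)
    return new

def run_round(updates, rep, trim, tol, min_rep=0.3):
    """Aggregate only clients with reputation >= min_rep, then rescore everyone."""
    trusted = [u for cid, u in updates.items() if rep.get(cid, 1.0) >= min_rep]
    agg = trimmed_mean(trusted, trim)
    return agg, update_reputation(rep, updates, agg, tol)

# Constructed sample: four honest clients near [1.0, -2.0] and one poisoned update.
SAMPLE = {
    "c1": [1.0, -2.0], "c2": [1.1, -1.9], "c3": [0.9, -2.1],
    "c4": [1.0, -2.0], "evil": [50.0, 40.0],
}

if __name__ == "__main__":
    print("plain mean:", plain_mean(list(SAMPLE.values())))
    rep = {}
    for rnd in range(1, 4):
        agg, rep = run_round(SAMPLE, rep, trim=1, tol=1.0)
        print(f"round {rnd}: aggregate={agg} evil_reputation={rep['evil']}")
```

Trimming bounds the damage only while the number of poisoned clients stays at or below `trim`; the reputation score is what removes a persistent offender from later rounds.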
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.