The SQL injection attack causes very serious problem to web applications which have database including personal data. To detect the SQL injection attack, the parsing and the black list based on the existed attack have been widely used. Those approaches, however, have some problems in terms of the size of list or calculation costs as the number of attacks increases. For this point, the authors have previously proposed a simple automatic detection algorithm of SQL injection attack. This algorithm requires to calculate the contained rate of suspicious characters with input sequence. This rate would be compared with a known real-valued threshold. This paper proposes the learning algorithm to choose the real-valued threshold from training data sets. Furthermore, some criteria would be considered and their performances would also be examined.The SQL injection attack causes very serious problem to web applications which have database including personal data. To detect the SQL injection attack, the parsing and the black list based on the existed attack have been widely used. Those approaches, however, have some problems in terms of the size of list or calculation costs as the number of attacks increases. For this point, the authors have previously proposed a simple automatic detection algorithm of SQL injection attack. This algorithm requires to calculate the contained rate of suspicious characters with input sequence. This rate would be compared with a known real-valued threshold. This paper proposes the learning algorithm to choose the real-valued threshold from training data sets. Furthermore, some criteria would be considered and their performances would also be examined.