- Title
Machine Learning for Web Vulnerability Detection: The Case of Cross Site Request Forgery.
- Authors
Chandrika, Terupally; Swetha, Rapole; Jyothi, Pokala; Kumar, P. Prashanth
- Abstract
In this project, we propose a methodology to leverage Machine Learning (ML) for the detection of web application vulnerabilities. Web applications are particularly challenging to analyze, due to their diversity and the widespread adoption of custom programming practices. ML is thus very helpful for web application security: it can take advantage of manually labeled data to bring the human understanding of the web application semantics into automated analysis tools. We use our methodology in the design of Mitch, the first ML solution for the black-box detection of Cross-Site Request Forgery (CSRF) vulnerabilities. Mitch allowed us to identify 35 new CSRFs on 20 major websites and 3 new CSRFs on production software.
- Subjects
MACHINE learning; WEB-based user interfaces; BLACK box warnings; WEBSITE security; COMPUTER security
- Publication
Journal of Algebraic Statistics, 2022, Vol 13, Issue 3, p4502
- ISSN
1309-3452
- Publication type
Article