Web Susceptibility Findings by Machine Learning in the Case of Cross-web Request Falsification

Authors

  • K Manohara Rao, Assistant Professor, Department of Information Technology, PACE Institute of Technology and Sciences, Ongole, Andhra Pradesh, India
  • M Chaitanya Bharathi, Assistant Professor, Department of Information Technology, PACE Institute of Technology and Sciences, Ongole, Andhra Pradesh, India
  • A Seshagiri Rao, Professor, Department of Information Technology, PACE Institute of Technology and Sciences, Ongole, Andhra Pradesh, India
  • S K Heena Kauser, Assistant Professor, Department of Information Technology, PACE Institute of Technology and Sciences, Ongole, Andhra Pradesh, India

Keywords:

Machine learning, cross-site request forgery, web security

Abstract

In this article, we propose a methodology to leverage Machine Learning (ML) for the detection of web application vulnerabilities. Web applications are particularly challenging to analyze, due to their diversity and the widespread adoption of custom programming practices. ML is thus very helpful for web application security: it can take advantage of manually labeled data to bring the human understanding of web application semantics into automated analysis tools. We use our methodology in the design of Mitch, the first ML solution for the black-box detection of Cross-Site Request Forgery (CSRF) vulnerabilities. Mitch allowed us to identify thirty-five new CSRFs on twenty major websites and three new CSRFs on production software.


Published

2022-08-30

How to Cite

Web Susceptibility Findings by Machine Learning in the Case of Cross-web Request Falsification. (2022). International Journal of Innovative Research in Engineering & Management, 9(4), 126–131. Retrieved from https://acspublisher.com/journals/index.php/ijirem/article/view/10870