ARCHIVES
Research Article
Machine Learning for Web Vulnerability Detection: The Case of Cross-Site Request Forgery
N. Sravani1
O.Sai Raju2
Ch.Harish3
B.Anil Kumar4
S.Anirudh5
1Assistant professor, Department of Information Technology, CMR Engineering College (UGC Autonomous), Hyderabad, Telangana, India. 2,3,4,5 B.Tech IV-Year, Department of Information Technology, CMREC, (UGC Autonomous), Hyderabad, Telangana, India.
Published Online: January-February 2024
Pages: 26-29
Cite this article
↗ https://www.doi.org/10.59256/ijsreat.20240401005
References
1. S. Calzavara, R. Focardi, M. Squarcina and M. Tempesta, "Surviving the web: A journey into web session security", ACM Comput.
Surv., vol. 50, no. 1, pp. 13:1-13:34, 2017.
2. A. Sudhodanan, R. Carbone, L. Compagna, N. Dolgin, A. Armando and U. Morelli, "Large-scale analysis & detection of authentication
cross-site request forgeries", Proc. 2017 IEEE European Symp. Security and Privacy (EuroS&P 2017), pp. 350-365
3. S. Calzavara, A. Rabitti, A. Ragazzo and M. Bugliesi, "Testing for integrity flaws in web sessions", Proc. Computer Security 24rd
European Symp. Research Computer Security (ESORICS 2019), pp. 606-624, Sept. 2019.
4. J. Bau, E. Bursztein, D. Gupta and J. C. Mitchell, "State of the art: Automated black-box web application vulnerability testing", Proc.
31st IEEE Symp. Security and Privacy (S&P 2010), pp. 332-345, May 2010.
5. A. Doupé, M. Cova and G. Vigna, "Why Johnny can’t pentest: An analysis of black-box web vulnerability scanners", Proc. 7th Int. Conf.
Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA 2010), pp. 111-131, July 2010.
6. Barth, C. Jackson and J. C. Mitchell, "Robust defenses for cross-site request forgery", Proc. 2008 ACM Conf. Computer and
Communications Security (CCS 2008), pp. 75-88.
7. M. Mohri, A. Rostamizadeh and A. Talwalkar, Foundations of Machine Learning, Cambridge, MA:MIT Press, 2012
8. . Calzavara, G. Tolomei, A. Casini, M. Bugliesi and S. Orlando, "A supervised learning approach to protect client authentication on the
web", ACM Trans. Web, vol. 9, no. 3, pp. 15:1-15:30, 2015.
9. S. Calzavara, M. Conti, R. Focardi, A. Rabitti and G. Tolomei, "Mitch: A machine learning approach to the black-box detection of
CSRF vulnerabilities", Proc. IEEE European Symp. Security and Privacy (EuroS&P 2019), pp. 528-543, June 2019.
10. G. Pellegrino, M. Johns, S. Koch, M. Backes and C. Rossow, "Deemon: Detecting CSRF with dynamic analysis and property graph",
Proc. 2017 ACM SIGSAC Conf. Computer and Communications Security(CCS 2017), pp. 1757-1771, Oct. 2017.
Surv., vol. 50, no. 1, pp. 13:1-13:34, 2017.
2. A. Sudhodanan, R. Carbone, L. Compagna, N. Dolgin, A. Armando and U. Morelli, "Large-scale analysis & detection of authentication
cross-site request forgeries", Proc. 2017 IEEE European Symp. Security and Privacy (EuroS&P 2017), pp. 350-365
3. S. Calzavara, A. Rabitti, A. Ragazzo and M. Bugliesi, "Testing for integrity flaws in web sessions", Proc. Computer Security 24rd
European Symp. Research Computer Security (ESORICS 2019), pp. 606-624, Sept. 2019.
4. J. Bau, E. Bursztein, D. Gupta and J. C. Mitchell, "State of the art: Automated black-box web application vulnerability testing", Proc.
31st IEEE Symp. Security and Privacy (S&P 2010), pp. 332-345, May 2010.
5. A. Doupé, M. Cova and G. Vigna, "Why Johnny can’t pentest: An analysis of black-box web vulnerability scanners", Proc. 7th Int. Conf.
Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA 2010), pp. 111-131, July 2010.
6. Barth, C. Jackson and J. C. Mitchell, "Robust defenses for cross-site request forgery", Proc. 2008 ACM Conf. Computer and
Communications Security (CCS 2008), pp. 75-88.
7. M. Mohri, A. Rostamizadeh and A. Talwalkar, Foundations of Machine Learning, Cambridge, MA:MIT Press, 2012
8. . Calzavara, G. Tolomei, A. Casini, M. Bugliesi and S. Orlando, "A supervised learning approach to protect client authentication on the
web", ACM Trans. Web, vol. 9, no. 3, pp. 15:1-15:30, 2015.
9. S. Calzavara, M. Conti, R. Focardi, A. Rabitti and G. Tolomei, "Mitch: A machine learning approach to the black-box detection of
CSRF vulnerabilities", Proc. IEEE European Symp. Security and Privacy (EuroS&P 2019), pp. 528-543, June 2019.
10. G. Pellegrino, M. Johns, S. Koch, M. Backes and C. Rossow, "Deemon: Detecting CSRF with dynamic analysis and property graph",
Proc. 2017 ACM SIGSAC Conf. Computer and Communications Security(CCS 2017), pp. 1757-1771, Oct. 2017.
Related Articles
2024
Advancements in Machine Learning: A Comprehensive Exploration of Methods, Applications, and Future Perspectives
2024
Optimizing the Future: Unveiling the Significance of MLOps in Streamlining the Machine Learning Lifecycle
2024
A Comparative Study on Loan Status: Utilizing Machine Learning Algorithms for Predictive Analysis
2024
Financial Technology (Fintech) and Banking Industry Transformation: A Symbiotic Evolution into the Digital Era
2024
Pneumonia Detection In Chest X-Rays Using Neural Networks
2024
