Browse wiki

From Navigators

Publication:ToCAMS2020
Abstract Reported vulnerabilities have grown significantly over the recent years, with SQL injection (SQLi) being one of the most prominent, especially in web applications. For these, such increase can be explained by the integration of multiple software parts (e.g., various plugins and modules), often developed by different organizations, composing thus web application variants. Machine Learning has the potential to be a great ally on finding vulnerabilities, aiding experts by reducing the search space or even by classifying programs on their own. However, previous work usually does not consider SQLi or utilizes techniques hard to scale. Moreover, there is a clear gap in vulnerability detection with machine learning for PHP, the most popular server-side language for web applications. This paper presents a Deep Learning model able to classify PHP slices as vulnerable (or not) to SQLi. As slices can belong to any variant, we propose the use of an intermediate language to represent the slices and interpret them as text, resorting to well-studied Natural Language Processing (NLP) techniques. Preliminary results of the use of the model show that it can discover SQLi, helping programmers and precluding attacks that would eventually cost a lot to repair.
Author Ana Fidalgo, Ibéria Medeiros, Nuno Ferreira Neves
Booktitle In Proceedings of the Workshop on Testing of Configurable and Multi-variant Systems (ToCaMS)
Key ToCAMS2020
Month oct
NumPubDate 2,020.1
Project Project:Xivt, Project:SEAL
ResearchLine Fault and Intrusion Tolerance in Open Distributed Systems (FIT)
Title Towards a Deep Learning Model for Vulnerability Detection on Web Application Variants
Type inproceedings
Year 2020
Has improper value for Url
Categories Publication
Modification date 2 August 2020 16:32:41