CROSS SITE REQUEST FORGERY DETECTION USING MACHINE LEARNING

Authors

  • KONCHA HARSHITHA Author
  • R. V. SUBBAIAH Author
  • GOUTHAMA VENKATA SAI NIKITHA Author
  • MAGULURI SUMA MADHURI Author
  • SHAIK MAHAMMAD BIN ALI Author

Keywords:

CSRFs on production software, methodology, MACHINE LEARNING, FORGERY, CROSS SITE, REQUEST

Abstract

In this project, we propose a methodology to leverage Machine Learning (ML) for the detection of web application vulnerabilities. Web applications are particularly challenging to analyses, due to their diversity and the widespread adoption of custom programming practices. ML is thus very helpful for web application security: it can take advantage of manually labeled data to bring the human understanding of the web application semantics into automated analysis tools. We use our methodology in the design of Mitch, the first ML solution for the black-box detection of Cross-Site Request Forgery (CSRF) vulnerabilities. Mitch allowed us to identify 35 new CSRFs on 20 major websites and 3 new CSRFs on production software.

Downloads

Download data is not yet available.

Downloads

Published

08-03-2024

Issue

Vol. 12 No. 1 (2024): Volume 12 Issue 1 2024

Section

Articles

License

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

How to Cite

CROSS SITE REQUEST FORGERY DETECTION USING MACHINE LEARNING. (2024). International Journal of Information Technology and Computer Engineering, 12(1), 162-171. https://ijitce.org/index.php/ijitce/article/view/491