Effect of Coding Styles in Detection of Web Application Vulnerabilities

Medeiros, Ibéria; Neves, Nuno

doi:10.1109/edcc51268.2020.00027

Cited by 5 publications

(4 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Medeiros and Neves at el. [12] propose the insights from the behaviors of SATs, they analyze applications written. But the research work is done with only one vulnerability which is SQLi.…”

Section: Related Workmentioning

confidence: 99%

Capable of Classifying the Tuples with Wireless Attacks Detection Using Machine Learning

Islam

Allayear

2022

Intelligent Computing Systems

View full text Add to dashboard Cite

A wireless attack is a malicious action against wireless systems and wireless networks. In the last decade of years, wireless attacks are increasing day by day and it is now a very big problem for modern wireless communication systems. In this paper, the author's used the Aegean Wi-Fi Intrusion Dataset (AWID3). There are two versions of this dataset, one is over 200 million tuples of full data and one is 1.8 million tuples of reduced data. As our dataset has millions of tuples and over 100 columns, it is easy to become overwhelmed because of its size. The authors used the reduced version and predicted if an attack was one of four types using the k-nearest-neighbors classifier. All of the attack types we used had a distribution that highly favored the non-attack class. Our best results were for the attack "arp'' type where we attained the best accuracy with recall. The author's primary goal of the paper was to attain the highest accuracy possible when creating a model that is capable of classifying the 4 attack types and detecting and classifying wireless attacks using Machine Learning models on the AWID3 dataset. One of the goals that supported this main objective was determining a way to avoid the curse of dimensionality.

show abstract

“…Medeiros and Neves at el. [12] propose the insights from the behaviors of SATs, they analyze applications written. But the research work is done with only one vulnerability which is SQLi.…”

Section: Related Workmentioning

confidence: 99%

Capable of Classifying the Tuples with Wireless Attacks Detection Using Machine Learning

Islam

Allayear

2022

Intelligent Computing Systems

View full text Add to dashboard Cite

show abstract

“…It does not, however, address security concerns such as message confidentiality and privacy. In this paper [31] the implications of SATs' actions while analyzing applications written in various coding styles and programming methods, as well as a discussion of the exploitability of SQLi vulnerabilities reported by SATs as true positives. Some result parameters are "TP, FP, FN, FFP (False False Positive)".…”

Section: Related Workmentioning

confidence: 99%

DDoS Attack Preventing and Detection with the Artificial Intelligence Approach

Islam

Jabiullah

Abid

2022

Intelligent Computing Systems

View full text Add to dashboard Cite

DDoS attacks are a major Internet security concern with this large number of customers. Each attack sends a service request to a certain server, which limits the server's capacity to provide normal services. Since the attackers use legitimate packages and alter their package information, traditional methods are not very effective. The assault on DDoS is one of the most potent Internet hacking techniques. The hacker's basic weapon to take down and crash websites during these sorts of assaults is network trafficking. There are different sub-categories, each category explains how a hacker attempts to enter the network. In this paper, we define the DDoS attacks detection method based on artificial intelligence and explored with more than 96-percent accuracy a technique to detect a DDoS attacks assault danger using artificial intelligence (A.I). In addition to a secure or healthy network, authors have identified 7 separate sub-categories of DDoS attacks.

show abstract

“…Even though it could be that the library has a vulnerability [4]. By using specific libraries and frameworks, applications can be completed more quickly, but this also increases the vulnerability risk of the applications they make [5].…”

Section: Introductionmentioning

confidence: 99%

“…The advantage of SAST is that programmers can immediately make corrections to the detected source code [10]. Unfortunately, SAST tools often produce false positives or false negatives [5].…”

Section: Introductionmentioning

confidence: 99%

Detection of SQL Injection Vulnerability in Codeigniter Framework Using Static Analysis

Fahmi Al Azhar,

Harwahyu

2023

Multitek Indonesia

View full text Add to dashboard Cite

SQL Injection attacks are still one type of attack that often occurs in web-based applications. The causes and ways to prevent SQL Injection have been widely explained in various sources. Unfortunately, until now, SQL Injection vulnerabilities are still often found in multiple applications. Web-based application frameworks that already have functions to protect against attacks are often not used optimally. This is inseparable from the role of programmers, who often forget the rules for writing program code to prevent SQL Injection attacks. We conducted this research to detect SQL Injection vulnerabilities in source code using a case study of the PHP CodeIgniter framework. We compared this research with static analysis tools like RIPS, Synopsys Coverity, and Sonarqube. The tool we have developed can detect SQL Injection vulnerabilities that cannot be detected by the two tools with an accuracy of 88.8%. The results of our research can provide suggestions for programmers so that they can improve the code they write.

show abstract

Effect of Coding Styles in Detection of Web Application Vulnerabilities

Cited by 5 publications

References 15 publications

Capable of Classifying the Tuples with Wireless Attacks Detection Using Machine Learning

Capable of Classifying the Tuples with Wireless Attacks Detection Using Machine Learning

DDoS Attack Preventing and Detection with the Artificial Intelligence Approach

Detection of SQL Injection Vulnerability in Codeigniter Framework Using Static Analysis

Contact Info

Product

Resources

About