Please use this identifier to cite or link to this item:
http://hdl.handle.net/10603/290337
Title: | Machine Learning based Models for Detecting HTTP Input Validation Vulnerabilities of Web Applications |
Researcher: | S. Venkatramulu |
Guide(s): | C. V. Guru Rao |
Keywords: | Computer Science Computer Science Cybernetics Engineering and Technology |
University: | Kakatiya University, Warangal |
Completed Date: | 14-10-2020 |
Abstract: | Every organization is offering their services through online web applications in recent days. Accessing the online services could be the most malevolent, as the browsers themselves can adapt in the form of attacking equipment. The problems caused by web applications attacks like SQL injection (SQLi) and Cross Site Scripting (XSS) stem from their notorious ability to blend in to the noise associated with web application traffic. Most of the web application vulnerabilities are happened due to lack of input validations. The conventional approach of dealing with the impact of web applications vulnerabilities like SQLi and XSS is the verification of code by syntax analyzers. Here, the other important confine of these syntax analyzers is dependency of programming language. This thesis explored the models based on machine learning to augment traditional methods of identifying and preventing web based attacks of input parameter vulnerabilities. newline newlineAt first a model for detecting and preventing input validation vulnerabilities such as SQL Injection and XSS attacks in web applications using a Rule Based Pattern Discovery (RPAD) is developed. The proposed algorithm deals to discover the divergent patterns of these features and their correlation with the labels called malevolent and benevolent . The proposed RPAD discovers the patterns from features for malevolent as well as benevolent records. Then a set of rules are framed. Each of these rules shall indicate the pattern is either malevolent or benevolent. These rules are stored as knowledge for the further process. Further, it extracts the test patterns of features from input parameters and their values for test records. Then, it labels a given input record as either malevolent or benevolent based on the test patterns. This model is efficiently worked on categorical web data. Our contribution on RPAD is compared to an existing model IPAAS. The detection accuracy for the SQL injection and XSS vulnerabilities are substantial when compared to IPAAS. The evaluation consider |
Pagination: | 1-130 |
URI: | http://hdl.handle.net/10603/290337 |
Appears in Departments: | Department of Computer Science & Engineering |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
01_title.pdf | Attached File | 121.07 kB | Adobe PDF | View/Open |
02_certificate.pdf | 12.18 MB | Adobe PDF | View/Open | |
03_abstract.pdf.pdf | 17.11 kB | Adobe PDF | View/Open | |
04_declaration.pdf | 11.83 MB | Adobe PDF | View/Open | |
05_acknowledgement.pdf | 24.31 kB | Adobe PDF | View/Open | |
06_contents.pdf | 70.22 kB | Adobe PDF | View/Open | |
07_list_of_tables.pdf | 45.05 kB | Adobe PDF | View/Open | |
08_list_ of_figures.pdf | 57.5 kB | Adobe PDF | View/Open | |
09_ abbreviations.pdf | 32.6 kB | Adobe PDF | View/Open | |
10_chapter-1.pdf | 55.96 kB | Adobe PDF | View/Open | |
11_chapter-2.pdf | 108.84 kB | Adobe PDF | View/Open | |
12_chapter-3.pdf | 319.9 kB | Adobe PDF | View/Open | |
13_chapter-4.pdf | 1.16 MB | Adobe PDF | View/Open | |
14_conclusion.pdf | 34.8 kB | Adobe PDF | View/Open | |
15_bibliography.pdf | 92.33 kB | Adobe PDF | View/Open | |
80_recommendation.pdf | 34.8 kB | Adobe PDF | View/Open | |
plagiarism certificate.pdf | 13 MB | Adobe PDF | View/Open |
Items in Shodhganga are licensed under Creative Commons Licence Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0).
Altmetric Badge: