Volume 17 No 12 (2019)
Download PDF
USING MACHINE LEARNING TO DETECT CROSSSITE REQUEST FORGERY
INJAM NARASIMHA RAO, KOMMU SAMSON, RELLA SURESH
Abstract
In this project, we offer an approach that uses machine learning (ML) to identify vulnerabilities in online
applications. Because web apps are so diverse and sometimes use bespoke programming techniques,
they can be especially difficult to analyze. Because machine learning (ML) can leverage manually labeled
data to incorporate human understanding of online application semantics into automated analysis tools,
it is thus particularly beneficial for web application security. In order to create Mitch, the first machine
learning solution for the black-box detection of Cross-Site Request Forgery (CSRF) vulnerabilities, we
used our methodology. We were able to find 35 new CSRFs on 20 popular websites and 3 new CSRFs on
production software thanks to Mitch.
Keywords
In this project, we offer an approach that uses machine learning (ML) to identify vulnerabilities in online applications.
Copyright
Copyright © Neuroquantology
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Articles published in the Neuroquantology are available under Creative Commons Attribution Non-Commercial No Derivatives Licence (CC BY-NC-ND 4.0). Authors retain copyright in their work and grant IJECSE right of first publication under CC BY-NC-ND 4.0. Users have the right to read, download, copy, distribute, print, search, or link to the full texts of articles in this journal, and to use them for any other lawful purpose.