학술논문
Machine Learning for Web Vulnerability Detection: The Case of Cross-Site Request Forgery
Document Type
Periodical
Author
Source
IEEE Security & Privacy IEEE Secur. Privacy Security & Privacy, IEEE. 18(3):8-16 Jun, 2020
Subject
Language
ISSN
1540-7993
1558-4046
1558-4046
Abstract
We propose a methodology to leverage machine learning (ML) for the detection of web application vulnerabilities. We use it in the design of Mitch, the first ML solution for the black-box detection of cross-site request forgery vulnerabilities. Finally, we show the effectiveness of Mitch on real software.