Enhancing Burp Suite with Machine Learning Extension for Vulnerability Assessment of Web Applications

IF 1.1 Q3 CRIMINOLOGY & PENOLOGY Journal of Applied Security Research Pub Date : 2022-07-10 DOI:10.1080/19361610.2022.2096387
Rrezearta Thaqi, Kamer Vishi, Blerim Rexha
{"title":"Enhancing Burp Suite with Machine Learning Extension for Vulnerability Assessment of Web Applications","authors":"Rrezearta Thaqi, Kamer Vishi, Blerim Rexha","doi":"10.1080/19361610.2022.2096387","DOIUrl":null,"url":null,"abstract":"Abstract Today’s web represents the most extensive engineered system ever created by humankind. Web security is critical to web application providers and end-users. Burp Suite is established as a state-of-the-art and fully featured set of tools for web vulnerability scanners. This paper presents a novel approach using state of the art Machine Learning algorithms applied to the Burp Suite extension. These algorithms were used to scan for: SQL injection, Cross-Site Request Forgery, and XML External Entity vulnerabilities in university web applications. The results show that the best algorithm is Long Short-Term Memory and that the targeted website is safe to use.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":null,"pages":null},"PeriodicalIF":1.1000,"publicationDate":"2022-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Applied Security Research","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/19361610.2022.2096387","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"CRIMINOLOGY & PENOLOGY","Score":null,"Total":0}
引用次数: 2

Abstract

Abstract Today’s web represents the most extensive engineered system ever created by humankind. Web security is critical to web application providers and end-users. Burp Suite is established as a state-of-the-art and fully featured set of tools for web vulnerability scanners. This paper presents a novel approach using state of the art Machine Learning algorithms applied to the Burp Suite extension. These algorithms were used to scan for: SQL injection, Cross-Site Request Forgery, and XML External Entity vulnerabilities in university web applications. The results show that the best algorithm is Long Short-Term Memory and that the targeted website is safe to use.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
增强Burp套件的机器学习扩展,用于Web应用程序的漏洞评估
摘要今天的网络代表了人类有史以来最广泛的工程系统。网络安全对网络应用程序提供商和最终用户至关重要。Burp Suite是一套最先进、功能齐全的网络漏洞扫描工具。本文提出了一种将最先进的机器学习算法应用于Burp Suite扩展的新方法。这些算法用于扫描大学网络应用程序中的SQL注入、跨站点请求伪造和XML外部实体漏洞。结果表明,最佳算法是长短期记忆,目标网站使用安全。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Journal of Applied Security Research
Journal of Applied Security Research CRIMINOLOGY & PENOLOGY-
CiteScore
2.90
自引率
15.40%
发文量
35
期刊最新文献
Campus Security and Crime Prevention: A View from a Police Chief with a Ph.D. in Criminology Group-Motivated and Periodic Fire Setting for Terrorism in Urban Landscapes: An Analysis in Time and Space Privacy, Data Protection and Cyber Crimes: Mapping Perceptions of Pakistani Users A Comprehensive Survey of Social Engineering Attacks: Taxonomy of Attacks, Prevention, and Mitigation Strategies Human Rights Policies, Guidelines, and Standards in The Private Security Industry: A Scoping Review
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1