Detecting and Removing Web Application Vulnerabilities with Static Analysis and Data Mining


Although a giant analysis effort on.Net application security has been happening for more than a decade, the protection of internet applications continues to be a challenging problem. An important part of that downside derives from vulnerable source code, typically written in unsafe languages like PHP. Source code static analysis tools are a solution to search out vulnerabilities, however they have an inclination to get false positives, and need considerable effort for programmers to manually fix the code. We have a tendency to explore the employment of a combination of methods to get vulnerabilities in supply code with fewer false positives. We combine taint analysis, that finds candidate vulnerabilities, with information mining, to predict the existence of false positives. This approach brings along two approaches that are apparently orthogonal: humans coding the data regarding vulnerabilities (for taint analysis), joined with the seemingly orthogonal approach of automatically obtaining that knowledge (with Machine Learning, for knowledge mining). Given this enhanced form of detection, we have a tendency to propose doing automatic code correction by inserting fixes in the source code. Our approach was implemented within the WAP tool, and an experimental evaluation was performed with a giant set of PHP applications. Our tool found 38eight vulnerabilities in one.4 million lines of code. Its accuracy and precision were approximately 5% higher than PhpMinerII's and forty fivep.c higher than Pixy's.

Did you like this research project?

To get this research project Guidelines, Training and Code... Click Here

PROJECT TITLE : Traffic Anomaly Detection in Wireless Sensor Networks Based on Principal Component Analysis and Deep Convolution Neural Network ABSTRACT: Because of the proliferation of wireless networks, wireless sensor networks
PROJECT TITLE : The Devil Is in the Details An Efficient Convolutional Neural Network for Transport Mode Detection ABSTRACT: The objective of the classification problem known as transport mode detection is to devise an algorithm
PROJECT TITLE : Transferable Interactiveness Knowledge for Human-Object Interaction Detection ABSTRACT: In order to gain a better understanding of the ways in which people interact with things around them, it is necessary to
PROJECT TITLE : SWNet A Deep Learning Based Approach for Splashed Water Detection on Road ABSTRACT: Unfavorable weather conditions pose a significant risk to the public's safety on the roads, and this is especially true during
PROJECT TITLE : Deep Hough Transform for Semantic Line Detection ABSTRACT: We concentrate on a fundamental task known as semantic line detection in natural scenes, which involves identifying meaningful line structures. A great

Ready to Complete Your Academic MTech Project Work In Affordable Price ?

Project Enquiry