Detecting and Removing Web Application Vulnerabilities with Static Analysis and Data Mining


Although a giant analysis effort on.Net application security has been happening for more than a decade, the protection of internet applications continues to be a challenging problem. An important part of that downside derives from vulnerable source code, typically written in unsafe languages like PHP. Source code static analysis tools are a solution to search out vulnerabilities, however they have an inclination to get false positives, and need considerable effort for programmers to manually fix the code. We have a tendency to explore the employment of a combination of methods to get vulnerabilities in supply code with fewer false positives. We combine taint analysis, that finds candidate vulnerabilities, with information mining, to predict the existence of false positives. This approach brings along two approaches that are apparently orthogonal: humans coding the data regarding vulnerabilities (for taint analysis), joined with the seemingly orthogonal approach of automatically obtaining that knowledge (with machine learning, for knowledge mining). Given this enhanced form of detection, we have a tendency to propose doing automatic code correction by inserting fixes in the source code. Our approach was implemented within the WAP tool, and an experimental evaluation was performed with a giant set of PHP applications. Our tool found 38eight vulnerabilities in one.4 million lines of code. Its accuracy and precision were approximately 5% higher than PhpMinerII's and forty fivep.c higher than Pixy's.

Did you like this research project?

To get this research project Guidelines, Training and Code... Click Here

PROJECT TITLE : Locate, Size and Count Accurately Resolving People in Dense Crowds via Detection ABSTRACT: We present a detection method for dense crowd counting that replaces the widely used density regression paradigm. Rather
PROJECT TITLE : Using Improved Conditional Generative Adversarial Networks to Detect Social Bots on Twitter ABSTRACT: The detection and elimination of dangerous social bots in social media has piqued commercial and academic interest.
PROJECT TITLE : A Machine Learning Approach for Fall Detection and Daily Living Activity Recognition ABSTRACT: In Western countries, the number of elderly individuals is steadily increasing. The majority of them wish to live freely
PROJECT TITLE : A Probabilistic Approach for Vision-Based  Fire Detection in Videos ABSTRACT: In the field of computer vision, automated fire detection is a hot topic. We propose and evaluate a new method for detecting fire
PROJECT TITLE :From Latency, Through Outbreak, to Decline: Detecting Different States of Emergency Events Using Web Resources - 2018ABSTRACT:An emergency event may be a sudden, urgent, typically sudden incident or occurrence that

Ready to Complete Your Academic MTech Project Work In Affordable Price ?

Project Enquiry