BACAD: AI-based framework for detecting vertical broken access control attacks

Impact Factor 5; Tier 3, Computer Science; JCR Q1, COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE
Ahmed Anas, Ayman A. Alhelbawy, Salwa El Gamal, Basheer Youssef
DOI: 10.1016/j.eij.2024.100571
Journal: Egyptian Informatics Journal, Volume 28, Article 100571
Publication date: 2024-11-10
Publication type: Journal Article
Open access: no
URL: https://www.sciencedirect.com/science/article/pii/S1110866524001348
Citations: 0

Abstract

Vertical Broken Access Control (VBAC) is one of the most commonly identified vulnerabilities in web applications and poses significant risk. Consequently, addressing this pervasive threat is crucial for ensuring system confidentiality and integrity. The Broken Access Control Attack Detector (BACAD) is a novel framework that leverages advanced AI techniques to neutralize VBAC exploits and attacks in real time using a dynamic and practical technique. The detection process consists of two steps. The first step is user role classification using an advanced artificial intelligence (AI) model created in a learning phase. The learning phase includes BACAD's initial configuration and the generation of traffic for each application user role, which is used for AI model training. The AI model at the core of BACAD analyzes web requests and responses using robust feature extraction and dynamic hyperparameter tuning to ensure optimal performance across diverse scenarios. The second step is the decision step, which determines whether the incoming request–response pair is benign or an attack by validating it against the BACAD session information set. Evaluation against a spectrum of real-world and demonstration web applications highlights remarkable efficiency in detecting VBAC exploits, providing robust application protection against different sets of VBAC attacks. Furthermore, it shows that BACAD addresses the VBAC problem by presenting an applicable, dynamic, flexible, and technology-independent solution to counter VBAC vulnerability risks. Thus, BACAD contributes significantly to ongoing efforts to enhance web application security.
Source journal: Egyptian Informatics Journal
Category: Decision Sciences - Management Science and Operations Research
CiteScore: 11.10
Self-citation rate: 1.90%
Articles published: 59
Review time: 110 days
Journal description: The Egyptian Informatics Journal is published by the Faculty of Computers and Artificial Intelligence, Cairo University. This Journal provides a forum for state-of-the-art research and development in the fields of computing, including computer sciences, information technologies, information systems, operations research and decision support. Innovative and not-previously-published work in subjects covered by the Journal is encouraged to be submitted, whether from academic, research or commercial sources.