Enhancing Burp Suite with Machine Learning Extension for Vulnerability Assessment of Web Applications

IF 16.4 1区化学 Q1 CHEMISTRY, MULTIDISCIPLINARY

Accounts of Chemical Research Pub Date : 2022-07-10 DOI:10.1080/19361610.2022.2096387

Rrezearta Thaqi, Kamer Vishi, Blerim Rexha

引用次数: 2

Abstract

Abstract Today’s web represents the most extensive engineered system ever created by humankind. Web security is critical to web application providers and end-users. Burp Suite is established as a state-of-the-art and fully featured set of tools for web vulnerability scanners. This paper presents a novel approach using state of the art Machine Learning algorithms applied to the Burp Suite extension. These algorithms were used to scan for: SQL injection, Cross-Site Request Forgery, and XML External Entity vulnerabilities in university web applications. The results show that the best algorithm is Long Short-Term Memory and that the targeted website is safe to use.

查看原文本刊更多论文

增强Burp套件的机器学习扩展，用于Web应用程序的漏洞评估

摘要今天的网络代表了人类有史以来最广泛的工程系统。网络安全对网络应用程序提供商和最终用户至关重要。Burp Suite是一套最先进、功能齐全的网络漏洞扫描工具。本文提出了一种将最先进的机器学习算法应用于Burp Suite扩展的新方法。这些算法用于扫描大学网络应用程序中的SQL注入、跨站点请求伪造和XML外部实体漏洞。结果表明，最佳算法是长短期记忆，目标网站使用安全。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Accounts of Chemical Research 化学-化学综合

CiteScore

31.40

自引率

1.10%

发文量

312

审稿时长

2 months

期刊介绍： Accounts of Chemical Research presents short, concise and critical articles offering easy-to-read overviews of basic research and applications in all areas of chemistry and biochemistry. These short reviews focus on research from the author’s own laboratory and are designed to teach the reader about a research project. In addition, Accounts of Chemical Research publishes commentaries that give an informed opinion on a current research problem. Special Issues online are devoted to a single topic of unusual activity and significance. Accounts of Chemical Research replaces the traditional article abstract with an article "Conspectus." These entries synopsize the research affording the reader a closer look at the content and significance of an article. Through this provision of a more detailed description of the article contents, the Conspectus enhances the article's discoverability by search engines and the exposure for the research.