E-ISSN: 2454-9584
P-ISSN: 2454-8111
Impact Factor 2024: 6.713
Impact Factor 2023: 6.464


INTERNATIONAL JOURNAL OF INVENTIONS IN ENGINEERING & SCIENCE TECHNOLOGY

International Peer Reviewed (Refereed), Open Access Research Journal
(By Aryavart International University, India)

Paper Details

AI-Driven Defense Mechanisms for Web Application Vulnerabilities

Aadi Chawla

Delhi Public School, RK Puram, New Delhi

66 - 72 Vol. 9, Issue 1, Jan-Dec, 2023
Receiving Date: 2023-02-09;    Acceptance Date: 2023-02-27;    Publication Date: 2023-05-12

Abstract

Web applications are at the center of the digital environment, but they are also the greatest targets for exploitation of vulnerabilities such as SQL Injection (SQLi), Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and Server-Side Request Forgery (SSRF). High-profile incidents exemplify how destructive exploitation of these attack vectors can become: the Equifax data breach (2017) via SQL Injection, the Yahoo Mail XSS attack (2013) that resulted in user session compromise, the CSRF vulnerability affecting GitHub (2019) that authorized actions in repositories, and the Capital One SSRF exploit (2019) that compromised over 100 million customer records. Legacy signature-based web application firewalls (WAFs) and static rule engines often fail to detect evolving or obfuscated attack payloads. AI and ML can overcome these limitations by providing adaptive, context-aware detection of both known and zero-day threats.

Keywords: Artificial Intelligence; Web Application Firewall; Cybersecurity; SQL Injection; Cross-Site Scripting; CSRF; SSRF; Deep Learning

