Designing a vulnerability threat detection scanner with the use of machine learning models

Designing a vulnerability threat detection scanner with the use of machine learning models

연구 분야: Strategies

학회: IAIT '23: Proceedings of the 13th International Conference on Advances in Information Technology

Vulnerabilities are a serious threat to operational systems, networks, and applications. Identifying them in web services is crucial for organizations aiming to safeguard their intellectual property and data. This process involves automated scans to detect underlying software issues that could lead to data corruption, loss, or system compromise. Advanced technologies, including vulnerability scanners based on automated testing tools, are employed to detect attacks on web resources. This research focuses on developing an effective vulnerability scanner and analyzing its functionality to ensure information system security. Vulnerability scanners employ various threat detection approaches, including signature detection, behavioral analysis, heuristics, data flow analysis, and machine learning models. Experiments in this work are devoted to the detection of SQL injection threats. The steps, such as data preprocessing, cleaning, normalization, feature extraction, and classification with machine learning algorithms (Naïve Bayes, Logistic Regression, Decision Tree, Random Forest, and XGBoost), were implemented to train machine learning models. The trained models showed impressive classification scores of 0.95 and above for Accuracy, Precision, Recall, and F1-score metrics. These results prove the effectiveness of utilizing a machine-learning approach for SQL injection identification scanners.