Development of a Vulnerability Detection System Utilizing Pattern Matching Technology and Security

Development of a Vulnerability Detection System Utilizing Pattern Matching Technology and Security

연구 분야: Infrastructure

학회: 2024 International Conference on Innovative Computing, Intelligent Communication and Smart Electrical Systems (ICSES)

The challenge of testing modern cybersecurity efficiency in a web application lies around developed systems of vulnerability detection. Precisely, the technologies discussed in combination pave the way toward a more efficient detection of security flaws in web applications. Usage-wise, it uses a templating framework for the methodological approach in sending HTTP requests and interpreting the feedback accorded for the particular rules that may relate to revealing vulnerabilities. It reduces false positives with the help of pattern clustering that rescan the information accessed from previously scanned. It gives live, real-time appraisals of web applications and is self-navigating through web pages. Data is to be preserved in its integrity and confidentiality, and such parts are always under risk. Many organizations rely on Vulnerability Assessments (VA) for such issues. VA is the approach which organizations rely on to assess security vulnerabilities in order to counter the security threats. This research has automatically and managed vulnerabilities using tailored YAML templates. Consequently, the designed automated scanner with tailored YAML templates was supposed to scan the working infrastructure application for Vulnerability Assessment. In this approach within the YAML templates of defined vulnerabilities, it enhances security testing. This research has a contribution to the field of security automation because this is the first work on a focus on tailored endpoints, avoiding pre-attacks to attack surfaces, and maintaining an active process of surveillance of vulnerabilities without risking false positives before any possible exploitation within both internal and external infrastructure applications.