MACHINE LEARNING METHODES AND TECHNIQUES IN WEB APPLICATION SECURITY

Abstract

Abstract : As the digital landscape evolves, web applications have become integral to modern life, offering a diverse range of services and functionalities. Yet, they also present an enticing target for malicious actors, leading to an ever-increasing spectrum of cyber threats. This thesis embarks on a comprehensive exploration of the integration of Machine Learning (ML) in web application security, with a dual purpose: to assess the viability of ML as a robust and proactive defense against these threats and to highlight the limitations of recent works in the Ąeld. The journey commences with a thorough examination of web applications, tracing their historical evolution and contextualizing their signiĄcance in contemporary society. Subsequently, the intricate domain of web security is unveiled, wherein we dissect the multifaceted challenges and vulnerabilities faced by web applications. In parallel, the fundamental principles and techniques of ML are explored, offering a foundational understanding of the transformative technology. The state of the art section provides a comprehensive overview of current research, encompassing MLŠs role in port scanning, integration in Ąrewalls and Intrusion Detection Systems (IDS), and application in web scanning and security tools. A critical evaluation of related works sheds light on the limitations of existing research, providing a nuanced perspective on the current state of the Ąeld. In summary, this thesis demonstrates the potential of ML to revolutionize web application security. Simultaneously, it underscores the limitations of recent works, emphasizing the need for continued research and innovation. The integration of ML in web security signiĄes not the end but the beginning of a journey toward a more secure and resilient digital future.