https://libeldoc.bsuir.by/handle/123456789/59578| Title: | Web application vulnerability testing framework |
| Authors: | Kondo, K. N. Nasonova, N. |
| Keywords: | материалы конференций;защита информации;SAST;DAST;IAST;machine learning |
| Issue Date: | 2025 |
| Publisher: | БГУИР |
| Citation: | Kondo, K. N. Web application vulnerability testing framework / K. N. Kondo, N. Nasonova // Технические средства защиты информации : материалы ХXIII Международной научно-технической конференции, Минск, 08 апреля 2025 года / Белорусский государственный университет информатики и радиоэлектроники [и др.] ; редкол.: О. В. Бойправ [и др.]. – Минск, 2025. – С. 20–22. |
| Abstract: | The increasing prevalence of cyberattacks targeting web applications necessitates advanced vulnerability detection techniques. Traditional methods such as Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) face challenges including high false positives, limited coverage of modem architectures (e.g., serverless, microservices), and inefficiency in identifying zero-day vulnerabilities. This paper proposes a hybrid vulnerability testing framework that combines SAST, DAST, and Machine Learning (ML) to enhance detection accuracy and adaptability. The technique integrates static code analysis for identifying insecure coding patterns, dynamic runtime monitoring to detect exploitation attempts, and an ML classifier trained on anomaly datasets to reduce false alarms. |
| URI: | https://libeldoc.bsuir.by/handle/123456789/59578 |
| Appears in Collections: | ТСЗИ 2025 |
| File | Description | Size | Format | |
|---|---|---|---|---|
| Kondo_ Web_application.pdf | 155.5 kB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.