Abstract:
Vulnerabilities are known to be difficult to detect and prevent, especially in the context of web
application. Although a significant research on web application security has been ongoing for
a while, these applications have been a major source of problems and their security continues
to be challenged. An important part of the problem derives from vulnerable source code of web
applications. In order to overcome web vulnerabilities, different penetration tester used variety
secure programming, static analysis, dynamic analysis, hybrid analysis
of techniques such as and machine learning. Machine learning is consider an approach to prevent web vulnerabilities
with a wide range of web applications because it is more preferable and does not have problems
of false positive rate.
There are numerous method proposed for detecting web vulnerabilities based on machine
learning. It is very difficult to measure, which method is efficient to secure web application.
Furthermore, there is lack of study found that targets the comparison of machine-learning method.to Find out optimal method. However, comparative study is required to understand the
six differentpath that could be followed by different penetration tester. In this thesis we use
machine learning. In order to fmd optimal method for existing studies,
Drupal metrics file With J48 and random forest. We have implemented .
methods based on
decision were taken on NMPREDIGTO^. method with the feature extraction, performance parameters, classifiers with
default parameters and 10k cross validation. Training data is passed through J48 and random
forest to form a training model on which testing data is predicted and analyzed. Our results
state that, to prevent web vulnerabilities VULPREDICTOR shows better results as compared
to all others methods. We have found much higher accuracy of NMPREDICTOR method with
respect to those reported by existing studies.
