Abstract

In this research, author present an approach for detecting web application vulnerabilities using Machine Learning (ML). Due to their diversity and broad use of bespoke programming approaches, web applications are particularly difficult to analyses. As a result, machine learning highly valuable in web security: It might blend human understanding of web app semantics into mechanized analysis techniques using manually explained data. These approaches were used to create Mitch, the first machine learning sol for black-box diagnosis off Cross-Site Request Forgery's (CSRF) vulnerabilities. Mitch assisted us in discovering 35 new cross-site request forgery's (CSRFs) across 20 major domains, as well as three additional CSRFs in production software.