A Machine Learning based Approach to Identify SQL Injection Vulnerabilities
Wed 13 Nov 2019 14:25 - 14:40 at South Park - Student Research Competition - Selected Presentations (Undergraduate) Chair(s): Jie M. Zhang, Jin L.C. Guo
This paper presents a machine learning classifier designed to identify SQL injection vulnerabilities in PHP code. Both classical and deep learning based machine learning algorithms were used to train and evaluate classifier models using input validation and sanitization features extracted from source code files. On ten-fold cross validations a model trained using Convolutional Neural Network(CNN) achieved the highest precision (95.4%), while a model based on Multilayer Perceptron (MLP) achieved the highest recall (63.7%) and the highest f-measure (0.746).
Tue 12 Nov
Wed 13 Nov
13:40 - 15:20: Student Research Competition - Student Research Competition - Selected Presentations (Undergraduate) at South Park Chair(s): Jie M. ZhangUniversity College London, UK, Jin L.C. GuoMcGill University | ||||||||||||||||||||||||||||||||||||||||||
13:40 - 13:55 | Crowdsourced Report Generation via Bug Screenshot Understanding Shengcheng YuNanjing University, China | |||||||||||||||||||||||||||||||||||||||||
13:55 - 14:10 | Towards Comprehensible Representation of Controllers using Machine Learning Gargi BalasubramaniamBirla Institute of Technology and Science, Pilani, K K Birla Goa Campus | |||||||||||||||||||||||||||||||||||||||||
14:10 - 14:25 | Empirical Study of Python Call Graph Li YuNanjing University | |||||||||||||||||||||||||||||||||||||||||
14:25 - 14:40 | A Machine Learning based Approach to Identify SQL Injection Vulnerabilities Kevin ZhangWayne State University | |||||||||||||||||||||||||||||||||||||||||
14:40 - 14:55 | Boosting Neural Commit Message Generation with Code Semantic Analysis Shuyao JiangFudan University |