Web Security Aware by using Naive Baye’s ML Technique

Web applications support many of our daily activities, but they often have security issues, and their accessibility makes them easy to use. This paper presents an analysis for finding vulnerabilities that directly address weak or absent of input validation. We present the techniques for finding security vulnerabilities in Web applications. We implement our proposed system with a machine learning technique (ML technique) to measure the accuracy and provide an extensive evaluation that finds all vulnerabilities in web applications. SQL injection, Cross-Site Scripting (XSS), HTTP and command inj1ection vulnerabilities are addressed in the proposed system and also Naive Bayes ML technique is used to calculate the accurateness. The experimental result shows the technique is more efficient and accurate.

Security Testing Tool for NoSQL Systems

NoSQL systems are becoming more popular due to their inherent advantages and solutions it provides to the limits of a relational database. However, despite its benefits, it comes with security challenges. In this paper, an input validation mechanism architecture is proposed for Mongo DB to detect and prevent NoSQL injection attacks, the mechanism employs a Deterministic Finite Automaton (DFA) approach to detect and prevent attacks on NoSQL systems. Furthermore, a security comparison of some NoSQL systems is provided based on recent literature. The security features compared are authentication, authorization, data encryption and input validation. The proposed mechanism will improve the security of Mongo DB system because invalid inputs requests will be detected and prevented from being processed.