{"id":"https://openalex.org/W4389779306","doi":"https://doi.org/10.1109/dsc61021.2023.10354106","title":"Detecting Web Application DAST Attacks with Machine Learning","display_name":"Detecting Web Application DAST Attacks with Machine Learning","publication_year":2023,"publication_date":"2023-11-07","ids":{"openalex":"https://openalex.org/W4389779306","doi":"https://doi.org/10.1109/dsc61021.2023.10354106"},"language":"en","primary_location":{"id":"doi:10.1109/dsc61021.2023.10354106","is_oa":false,"landing_page_url":"https://doi.org/10.1109/dsc61021.2023.10354106","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE Conference on Dependable and Secure Computing (DSC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5093504265","display_name":"Pojan Shahrivar","orcid":null},"institutions":[{"id":"https://openalex.org/I111088046","display_name":"Boston University","ror":"https://ror.org/05qwgg493","country_code":"US","type":"education","lineage":["https://openalex.org/I111088046"]},{"id":"https://openalex.org/I4210150651","display_name":"Rapid Flow (United States)","ror":"https://ror.org/04xmn6g49","country_code":"US","type":"company","lineage":["https://openalex.org/I4210150651"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Pojan Shahrivar","raw_affiliation_strings":["Rapid7 LLC,Boston,USA","Rapid7 LLC, Boston, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Rapid7 LLC,Boston,USA","institution_ids":["https://openalex.org/I4210150651"]},{"raw_affiliation_string":"Rapid7 LLC, Boston, USA","institution_ids":["https://openalex.org/I111088046"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5089028359","display_name":"Stuart Millar","orcid":"https://orcid.org/0000-0002-4258-7853"},"institutions":[{"id":"https://openalex.org/I111088046","display_name":"Boston University","ror":"https://ror.org/05qwgg493","country_code":"US","type":"education","lineage":["https://openalex.org/I111088046"]},{"id":"https://openalex.org/I4210150651","display_name":"Rapid Flow (United States)","ror":"https://ror.org/04xmn6g49","country_code":"US","type":"company","lineage":["https://openalex.org/I4210150651"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Stuart Millar","raw_affiliation_strings":["Rapid7 LLC,Boston,USA","Rapid7 LLC, Boston, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Rapid7 LLC,Boston,USA","institution_ids":["https://openalex.org/I4210150651"]},{"raw_affiliation_string":"Rapid7 LLC, Boston, USA","institution_ids":["https://openalex.org/I111088046"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5087717727","display_name":"Ezzeldin Shereen","orcid":"https://orcid.org/0000-0002-9988-9545"},"institutions":[{"id":"https://openalex.org/I86987016","display_name":"KTH Royal Institute of Technology","ror":"https://ror.org/026vcq606","country_code":"SE","type":"education","lineage":["https://openalex.org/I86987016"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Ezzeldin Shereen","raw_affiliation_strings":["KTH Royal Institute of Technology,Stockholm,Sweden","KTH Royal Institute of Technology, Stockholm, Sweden"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"KTH Royal Institute of Technology,Stockholm,Sweden","institution_ids":["https://openalex.org/I86987016"]},{"raw_affiliation_string":"KTH Royal Institute of Technology, Stockholm, Sweden","institution_ids":["https://openalex.org/I86987016"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.1897,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.53771921,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7546544075012207},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.3372425436973572},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.33178478479385376}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7546544075012207},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.3372425436973572},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.33178478479385376}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/dsc61021.2023.10354106","is_oa":false,"landing_page_url":"https://doi.org/10.1109/dsc61021.2023.10354106","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE Conference on Dependable and Secure Computing (DSC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7599999904632568,"id":"https://metadata.un.org/sdg/3","display_name":"Good health and well-being"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":26,"referenced_works":["https://openalex.org/W45826981","https://openalex.org/W106114845","https://openalex.org/W959081337","https://openalex.org/W2061068374","https://openalex.org/W2099940443","https://openalex.org/W2103378897","https://openalex.org/W2144211451","https://openalex.org/W2150847526","https://openalex.org/W2293500063","https://openalex.org/W2399941526","https://openalex.org/W2512144135","https://openalex.org/W2739181022","https://openalex.org/W2762776925","https://openalex.org/W2783741806","https://openalex.org/W2883730939","https://openalex.org/W2926701059","https://openalex.org/W2970293835","https://openalex.org/W2972414240","https://openalex.org/W3016054986","https://openalex.org/W3035965352","https://openalex.org/W3045229347","https://openalex.org/W3099878876","https://openalex.org/W4211061679","https://openalex.org/W4307964233","https://openalex.org/W6696951425","https://openalex.org/W7047381192"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052","https://openalex.org/W4402327032","https://openalex.org/W2382290278"],"abstract_inverted_index":{"Dynamic":[0],"application":[1,90,104],"security":[2,31,69],"testing":[3],"(DAST)":[4],"scanning":[5],"consists":[6],"of":[7,16,24,58,91,119,137,146,153,159],"automated":[8],"requests":[9],"to":[10,50,60,94,121],"web":[11,61,103,166],"applications":[12,62],"with":[13,47,73],"the":[14,21,64,88,111],"goal":[15],"uncovering":[17],"exploitable":[18],"vulnerabilities.":[19],"While":[20],"legitimate":[22],"use":[23],"scanners":[25],"aids":[26],"development":[27],"teams":[28],"in":[29,40],"improving":[30],"postures,":[32],"they":[33,67],"are":[34,71,133],"often":[35],"used":[36],"by":[37],"malicious":[38],"actors":[39],"a":[41,48,101,156],"brute-force":[42],"manner":[43],"for":[44],"attack":[45],"reconnaissance":[46],"view":[49],"eventual":[51],"compromise.":[52],"Despite":[53],"this":[54],"threat":[55],"from":[56,77,126],"misuse":[57],"DAST":[59,97],"and":[63,115,155],"critical":[65],"data":[66],"handle,":[68],"mechanisms":[70],"lacking,":[72],"threshold-based":[74],"classifiers":[75],"suffering":[76],"being":[78],"overly":[79],"sensitive,":[80],"causing":[81],"excessive":[82],"false":[83],"positives.":[84],"This":[85],"paper":[86],"demonstrates":[87],"first":[89],"machine":[92],"learning":[93],"specifically":[95],"detect":[96],"attacks":[98],"that":[99],"augments":[100],"next-generation":[102],"firewall":[105],"implementing":[106],"OWASP\u2019s":[107],"AppSensor":[108],"framework.":[109],"Avoiding":[110],"brittle":[112],"threshold":[113],"approach":[114],"using":[116],"tumbling":[117],"windows":[118],"time":[120],"generate":[122],"aggregated":[123],"event":[124],"features":[125],"source":[127],"IPs,":[128],"twelve":[129],"random":[130],"forest":[131],"models":[132],"trained":[134],"on":[135,161],"millions":[136],"real-world":[138],"events.":[139],"Results":[140],"show":[141],"an":[142,150],"optimal":[143],"window":[144],"size":[145],"60":[147],"seconds":[148],"achieves":[149],"F1":[151],"score":[152],"0.94":[154],"miss":[157],"rate":[158],"6%":[160],"average":[162],"across":[163],"three":[164],"production-grade":[165],"applications.":[167]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}