Spaces:
Runtime error
Runtime error
References
Academic and technical references that inspired or are cited by IntelliScan.
Foundational papers
- Breiman, L. (2001). Random forests. Machine Learning, 45(1), 5-32. https://doi.org/10.1023/A:1010933404324
- Breiman, L. (1996). Bagging predictors. Machine Learning, 24(2), 123-140.
- Mitchell, T. M. (1997). Machine Learning. McGraw-Hill.
- Pedregosa, F. et al. (2011). Scikit-learn: Machine Learning in Python. Journal of Machine Learning Research, 12, 2825-2830.
Web security
- OWASP Foundation (2021). OWASP Top 10. https://owasp.org/www-project-top-ten/
- OWASP Foundation (2021). Web Security Testing Guide v4.2. https://owasp.org/www-project-web-security-testing-guide/
- Clarke, J. (2012). SQL Injection Attacks and Defense (2nd ed.). Syngress.
- Stallings, W. & Brown, L. (2018). Computer Security: Principles and Practice (4th ed.). Pearson.
- Fielding, R. & Reschke, J. (2014). HTTP/1.1: Semantics and Content (RFC 7231). IETF.
ML for vulnerability detection
- Alghawazi, M., Alghazzawi, D. & Alarifi, S. (2022). Detection of SQL injection attack using machine learning techniques. Journal of Cybersecurity and Privacy, 2(4), 764-777.
- Tadhani, T. et al. (2024). Securing web applications against SQL injection and cross-site scripting using a hybrid deep learning approach. Scientific Reports (Nature), 14, 5120.
- Lamrani Alaoui, R. & Nfaoui, E. H. (2023). Cross site scripting attack detection approach based on LSTM encoder-decoder and word embeddings. International Journal of Intelligent Systems and Applications in Engineering, 11(3).
- Lamrani Alaoui, R. & Nfaoui, E. H. (2022). Deep learning based approaches for web vulnerability detection: A systematic review. Future Internet (MDPI), 14(12), 364.
- Kaur, J., Garg, U. & Bathla, G. (2023). Detection of cross-site scripting (XSS) attacks using machine learning techniques: A review. Artificial Intelligence Review (Springer), 56(11).
- Dawadi, B. R., Adhikari, B. & Srivastava, D. K. (2023). Deep learning technique-enabled web application firewall for detection of web attacks. Sensors (MDPI), 23(4), 2073.
- Herman, Y. P. et al. (2023). Web application vulnerability detection using K-Nearest Neighbor and Naive Bayes algorithms. International Journal of Artificial Intelligence Research, 7(1).
- Irungu, J., Graham, S., Girma, A. & Kacem, T. (2023). Artificial intelligence techniques for SQL injection attack detection. ACM ICIIT 2023.
Industry reports
- IBM (2023). Cost of a Data Breach Report 2023. https://www.ibm.com/reports/data-breach
- Verizon (2023). 2023 Data Breach Investigations Report (DBIR). https://www.verizon.com/business/resources/reports/dbir/
- Edgescan (2023). 2023 Vulnerability Statistics Report (8th ed.).
Tools & infrastructure
- Merkel, D. (2014). Docker: Lightweight Linux containers for consistent development and deployment. Linux Journal.
- Geron, A. (2022). Hands-On Machine Learning with Scikit-Learn, Keras, and TensorFlow (3rd ed.). O'Reilly.
- Van Rossum, G. & Drake, F. L. (2009). Python 3 Reference Manual. CreateSpace.
Test targets
- DVWA: Damn Vulnerable Web Application. https://github.com/digininja/DVWA
- WebGoat: OWASP. https://owasp.org/www-project-webgoat/
- OWASP Juice Shop: https://owasp.org/www-project-juice-shop/