Vulnerability Modelling to Improve performance of web application vulnerability scanners
Siham El Idrissi1, Ichrak Lafram2, Naoual Berbiche3, Fatima Guerouate4, Mohamed Sbihi5

1Siham El idrissi, LASTIMI Laboratory, Superior School of Technologies of Sale, Mohammadia School of Engineering, Mohamed V University city of Rabat, Morocco
2Ichrak lafram, LASTIMI Laboratory, Superior School of Technologies of Sale, Mohammadia School of Engineering, Mohamed V University city of Rabat, Morocco.
3Naoual Berbiche, LASTIMI Laboratory, Superior School of Technologies of Sale, Mohammadia School of Engineering, Mohamed V University city of Rabat, Morocco.
4Fatima Guerouate, , LASTIMI Laboratory, Superior School of Technologies of Sale, Mohammadia School of Engineering, Mohamed V University city of Rabat, Morocco.
5Mohamed Sbihi, , LASTIMI Laboratory, Superior School of Technologies of Sale, Mohammadia School of Engineering, Mohamed V University city of Rabat, Morocco.

Manuscript received on 18 June 2019 | Revised Manuscript received on 25 June 2019 | Manuscript published on 30 June 2019 | PP: 2445-2452 | Volume-8 Issue-5, June 2019 | Retrieval Number: E7536068519/19©BEIESP
Open Access | Ethics and Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)

Abstract: Although web vulnerability scanners are valuable components when auditing the security of an application or website, they largely lack the ability to identify important vulnerability classes in advance. Therefore, a scanner is needed to help cover a wide range of vulnerability types. A new modelling of Web vulnerabilities is proposed in this article to highlight the input vectors that can convey them in Web applications. The modelling will then be used in the dataset creation phase based on the input vectors that will subsequently be modelled and detailed in this article. The modelling will be considered as the input of the learning system, in order to apply machine-learning techniques later, to optimize the scanners and this by improving the vulnerability detection performances by these tools.
Keywords: Web Application, Attacks, Vulnerabilities, Web Vulnerability Scanners, Vulnerability Modelling.

Scope of the Article: Web Application