{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,8]],"date-time":"2026-02-08T08:09:47Z","timestamp":1770538187603,"version":"3.49.0"},"publisher-location":"Singapore","reference-count":28,"publisher":"Springer Singapore","isbn-type":[{"value":"9789811360510","type":"print"},{"value":"9789811360527","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-981-13-6052-7_41","type":"book-chapter","created":{"date-parts":[[2019,3,11]],"date-time":"2019-03-11T12:04:19Z","timestamp":1552305859000},"page":"473-484","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":17,"title":["Predicting Web Vulnerabilities in Web Applications Based on Machine Learning"],"prefix":"10.1007","author":[{"given":"Muhammad Noman","family":"Khalid","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Humera","family":"Farooq","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Muhammad","family":"Iqbal","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Muhammad Talha","family":"Alam","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kamran","family":"Rasheed","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,3,12]]},"reference":[{"issue":"12","key":"41_CR1","first-page":"411","volume":"8","author":"MN Khalid","year":"2017","unstructured":"Khalid, M.N., Iqbal, M., Alam, M.T., Jain, V., Mirza, H., Rasheed, K.: Web unique method (WUM): an open source blackbox scanner for detecting web vulnerabilities. Int. J. Adv. Comput. Sci. Appl. (IJACSA) 8(12), 411\u2013417 (2017)","journal-title":"Int. J. Adv. Comput. Sci. Appl. (IJACSA)"},{"key":"41_CR2","doi-asserted-by":"crossref","first-page":"298","DOI":"10.1016\/j.procs.2016.02.057","volume":"78","author":"D Kaur","year":"2016","unstructured":"Kaur, D., Kaur, P.: Empirical analysis of web attacks. Proc. Comput. Sci. 78, 298\u2013306 (2016)","journal-title":"Proc. Comput. Sci."},{"key":"41_CR3","series-title":"AISC","doi-asserted-by":"publisher","first-page":"95","DOI":"10.1007\/978-3-319-73450-7_10","volume-title":"Information Theoretic Security","author":"JK Alhassan","year":"2018","unstructured":"Alhassan, J.K., Misra, S., Umar, A., Maskeli\u016bnas, R., Dama\u0161evi\u010dius, R., Adewumi, A.: A fuzzy classifier-based penetration testing for web applications. In: Rocha, \u00c1., Guarda, T. (eds.) Information Theoretic Security. AISC, vol. 721, pp. 95\u2013104. Springer, Cham (2018). \n                    https:\/\/doi.org\/10.1007\/978-3-319-73450-7_10"},{"key":"41_CR4","doi-asserted-by":"crossref","first-page":"160","DOI":"10.1016\/j.infsof.2016.02.005","volume":"74","author":"G Deepa","year":"2016","unstructured":"Deepa, G., Thilagam, P.S.: Securing web applications from injection and logic vulnerabilities: approaches and challenges. Inf. Softw. Technol. 74, 160\u2013180 (2016)","journal-title":"Inf. Softw. Technol."},{"key":"41_CR5","doi-asserted-by":"crossref","unstructured":"Gupta, M.K., Govil, M.C., Singh, G.: Predicting cross-site scripting (XSS) security vulnerabilities in web applications. In: 2015 12th International Joint Conference on Computer Science and Software Engineering (JCSSE), pp. 162\u2013167. IEEE (2015)","DOI":"10.1109\/JCSSE.2015.7219789"},{"key":"41_CR6","doi-asserted-by":"crossref","unstructured":"Bozic, J., Wotawa, F.: PURITY: a planning-based security testing tool. In: 2015 IEEE International Conference on Software Quality, Reliability and Security-Companion (QRS-C), pp. 46\u201355. IEEE (2015)","DOI":"10.1109\/QRS-C.2015.19"},{"issue":"4","key":"41_CR7","doi-asserted-by":"crossref","first-page":"56","DOI":"10.1145\/3092566","volume":"50","author":"SM Ghaffarian","year":"2017","unstructured":"Ghaffarian, S.M., Shahriari, H.R.: Software vulnerability analysis and discovery using machine-learning and data-mining techniques: a survey. ACM Comput. Surv. (CSUR) 50(4), 56 (2017)","journal-title":"ACM Comput. Surv. (CSUR)"},{"key":"41_CR8","doi-asserted-by":"crossref","first-page":"23","DOI":"10.1016\/j.neucom.2015.11.139","volume":"256","author":"J Kang","year":"2017","unstructured":"Kang, J., Park, J.H.: A secure-coding and vulnerability check system based on smart-fuzzing and exploit. Neurocomputing 256, 23\u201334 (2017)","journal-title":"Neurocomputing"},{"issue":"5","key":"41_CR9","doi-asserted-by":"crossref","first-page":"861","DOI":"10.3233\/JCS-2009-0385","volume":"18","author":"N Jovanovic","year":"2010","unstructured":"Jovanovic, N., Kruegel, C., Kirda, E.: Static analysis for detecting taint-style vulnerabilities in web applications. J. Comput. Secur. 18(5), 861\u2013907 (2010)","journal-title":"J. Comput. Secur."},{"issue":"2","key":"41_CR10","doi-asserted-by":"crossref","first-page":"190","DOI":"10.1109\/CC.2018.8300281","volume":"15","author":"J Li","year":"2018","unstructured":"Li, J., et al.: An integration-testing framework and evaluation metric for vulnerability mining methods. China Commun. 15(2), 190\u2013208 (2018)","journal-title":"China Commun."},{"issue":"2","key":"41_CR11","doi-asserted-by":"crossref","first-page":"885","DOI":"10.1007\/s13369-016-2362-5","volume":"42","author":"DR Sahu","year":"2017","unstructured":"Sahu, D.R., Tomar, D.S.: Analysis of web application code vulnerabilities using secure coding standards. Arab. J. Sci. Eng. 42(2), 885\u2013895 (2017)","journal-title":"Arab. J. Sci. Eng."},{"key":"41_CR12","doi-asserted-by":"crossref","unstructured":"Medeiros, I., Neves, N., Correia, M.: Equipping WAP with weapons to detect vulnerabilities. In: Proceedings of the 46th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (2016)","DOI":"10.1109\/DSN.2016.63"},{"key":"41_CR13","unstructured":"De Sousa Medeiros, I.V.: Detection of vulnerabilities and automatic protection for web applications. Doctoral dissertation, Universidade de Lisboa (2016)"},{"issue":"4","key":"41_CR14","first-page":"537","volume":"22","author":"I Abunadi","year":"2016","unstructured":"Abunadi, I., Alenezi, M.: An empirical investigation of security vulnerabilities within web applications. J. UCS 22(4), 537\u2013551 (2016)","journal-title":"J. UCS"},{"issue":"1","key":"41_CR15","doi-asserted-by":"crossref","first-page":"54","DOI":"10.1109\/TR.2015.2457411","volume":"65","author":"I Medeiros","year":"2016","unstructured":"Medeiros, I., Neves, N., Correia, M.: Detecting and removing web application vulnerabilities with static analysis and data mining. IEEE Trans. Reliab. 65(1), 54\u201369 (2016)","journal-title":"IEEE Trans. Reliab."},{"issue":"1","key":"41_CR16","doi-asserted-by":"crossref","first-page":"512","DOI":"10.1007\/s13198-015-0376-0","volume":"8","author":"S Gupta","year":"2017","unstructured":"Gupta, S., Gupta, B.B.: Cross-site Scripting (XSS) attacks and defense mechanisms: classification and state-of-the-art. Int. J. Syst. Assur. Eng. Manag. 8(1), 512\u2013530 (2017)","journal-title":"Int. J. Syst. Assur. Eng. Manag."},{"key":"41_CR17","doi-asserted-by":"crossref","unstructured":"Zhang, Y., Lo, D., Xia, X., Xu, B., Sun, J., Li, S.: Combining software metrics and text features for vulnerable file prediction. In: 2015 20th International Conference on Engineering of Complex Computer Systems (ICECCS), pp. 40\u201349. IEEE (2015)","DOI":"10.1109\/ICECCS.2015.15"},{"key":"41_CR18","doi-asserted-by":"crossref","unstructured":"Walden, J., Stuckman, J., Scandariato, R.: Predicting vulnerable components: software metrics vs text mining. In: 2014 IEEE 25th International Symposium on Software Reliability Engineering (ISSRE), pp. 23\u201333. IEEE (2014)","DOI":"10.1109\/ISSRE.2014.32"},{"key":"41_CR19","doi-asserted-by":"crossref","unstructured":"Neuhaus, S., Zimmermann, T., Holler, C., Zeller, A.: Predicting vulnerable software components. In Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 529\u2013540. ACM (2007)","DOI":"10.1145\/1315245.1315311"},{"issue":"14","key":"41_CR20","first-page":"3295","volume":"8","author":"Y Wang","year":"2011","unstructured":"Wang, Y., Wang, Y., Ren, J.: Software vulnerabilities detection using rapid density-based clustering. J. Inf. Comput. Sci. 8(14), 3295\u20133302 (2011)","journal-title":"J. Inf. Comput. Sci."},{"key":"41_CR21","doi-asserted-by":"crossref","unstructured":"Scholte, T., Robertson, W., Balzarotti, D., Kirda, E.: Preventing input validation vulnerabilities in web applications through automated type analysis. In: 2012 IEEE 36th Annual Computer Software and Applications Conference (COMPSAC), pp. 233\u2013243. IEEE (2012)","DOI":"10.1109\/COMPSAC.2012.34"},{"key":"41_CR22","doi-asserted-by":"crossref","unstructured":"Wijayasekara, D., Manic, M., Wright, J.L., McQueen, M.: Mining bug databases for unidentified software vulnerabilities. In: 2012 5th International Conference on Human System Interactions (HSI), pp. 89\u201396. IEEE (2012)","DOI":"10.1109\/HSI.2012.22"},{"key":"41_CR23","doi-asserted-by":"crossref","unstructured":"Shar, L.K., Tan, H.B.K.: Mining input sanitization patterns for predicting SQL injection and cross site scripting vulnerabilities. In: Proceedings of the 34th International Conference on Software Engineering, pp. 1293\u20131296. IEEE Press (2012)","DOI":"10.1109\/ICSE.2012.6227096"},{"key":"41_CR24","doi-asserted-by":"crossref","unstructured":"Shar, L.K., Tan, H.B.K.: Predicting common web application vulnerabilities from input validation and sanitization code patterns. In: 2012 Proceedings of the 27th IEEE\/ACM International Conference on Automated Software Engineering (ASE), pp. 310\u2013313. IEEE (2012)","DOI":"10.1145\/2351676.2351733"},{"key":"41_CR25","doi-asserted-by":"crossref","unstructured":"Howard, G.M., Gutierrez, C.N., Arshad, F.A., Bagchi, S., Qi, Y.: pSigene: webcrawling to generalize SQL injection signatures. In: 2014 44th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 45\u201356. IEEE (2014)","DOI":"10.1109\/DSN.2014.21"},{"key":"41_CR26","doi-asserted-by":"crossref","unstructured":"Grieco, G., Grinblat, G.L., Uzal, L., Rawat, S., Feist, J., Mounier, L.: Toward large-scale vulnerability discovery using machine learning. In: Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy, pp. 85\u201396. ACM (2016)","DOI":"10.1145\/2857705.2857720"},{"key":"41_CR27","doi-asserted-by":"crossref","first-page":"223","DOI":"10.1016\/j.infsof.2017.08.008","volume":"92","author":"D Taibi","year":"2017","unstructured":"Taibi, D., Janes, A., Lenarduzzi, V.: How developers perceive smells in source code: a replicated study. Inf. Softw. Technol. 92, 223\u2013235 (2017)","journal-title":"Inf. Softw. Technol."},{"key":"41_CR28","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.infsof.2018.02.004","volume":"99","author":"F Palomba","year":"2018","unstructured":"Palomba, F., Bavota, G., Di Penta, M., Fasano, F., Oliveto, R., De Lucia, A.: A large-scale empirical study on the lifecycle of code smell co-occurrences. Inf. Softw. Technol. 99, 1\u201310 (2018)","journal-title":"Inf. Softw. Technol."}],"container-title":["Communications in Computer and Information Science","Intelligent Technologies and Applications"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-13-6052-7_41","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,21]],"date-time":"2019-05-21T00:04:28Z","timestamp":1558397068000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-981-13-6052-7_41"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9789811360510","9789811360527"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-981-13-6052-7_41","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"value":"1865-0929","type":"print"},{"value":"1865-0937","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"12 March 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"INTAP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Intelligent Technologies and Applications","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Bahawalpur","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Pakistan","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 October 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 October 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"intap2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/jdconline.net\/intap\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}