| 000 | 05263namaa22004331i 4500 | ||
|---|---|---|---|
| 003 | EG-GICUC | ||
| 005 | 20260120095400.0 | ||
| 008 | 260105s2025 ua a|||frm||| 000 0 eng d | ||
| 040 |
_aEG-GICUC _beng _cEG-GICUC _dEG-GICUC _erda |
||
| 041 | 0 |
_aeng _beng _bara |
|
| 049 | _aDeposit | ||
| 082 | 0 | 4 | _a005.8 |
| 092 |
_a005.8 _221 |
||
| 097 | _aPh.D | ||
| 099 | _aCai01.20.03.Ph.D.2025.Ah.D | ||
| 100 | 0 |
_aAhmed Anas Hassan Elmenyawy, _epreparation. |
|
| 245 | 1 | 0 |
_aDetecting web application attacks using an intelligent technique / _cby Ahmed Anas Hassan Elmenyawy ; Supervision Prof. Dr. Salwa Ahmed Saad Ali El-Gamal, Dr. Basheer Abdel Fattah Youssef. |
| 246 | 1 | 5 | _aكشف هجمات تطبيقات الويب باستخدام تقنية ذكية |
| 264 | 0 | _c2025. | |
| 300 |
_a84 Leaves : _billustrations ; _c30 cm. + _eCD. |
||
| 336 |
_atext _2rda content |
||
| 337 |
_aUnmediated _2rdamedia |
||
| 338 |
_avolume _2rdacarrier |
||
| 502 | _aThesis (Ph.D)-Cairo University, 2025. | ||
| 504 | _aBibliography: pages 76-84. | ||
| 520 | 3 | _aVertical Broken Access Control (VBAC) vulnerability is one of the most commonly identified issues in web applications, posing significant risks. Consequently, addressing this pervasive threat is crucial for ensuring system confidentiality and integrity. A comprehensive survey on detecting and preventing Broken Access Control attacks has been performed, emphasizing the importance of this challenge, elaborating on existing solutions, their limitations, and the open problems that remain. Broken access control attack detector (BACAD) is a novel framework that leverages advanced AI techniques to neutralize VBAC exploits and attacks in real-time using a dynamic and practical technique. The detection process consists of two steps. The first step is user role classification using an advanced Artificial Intelligence (AI) model created in a learning phase. The learning phase includes BACAD initial configuration and application user roles traffic generation used for AI model training. The AI model at the core of BACAD framework analyzes web requests and responses utilizing a robust feature extraction, and dynamic hyperparameter tuning to ensure optimal performance across diverse scenarios. The second step is the decision step, which determines whether the incoming request-response pair is benign or an attack by validating it Vs the BACAD session information set. The evaluation against a spectrum of real-world and demonstration web applications highlights remarkable efficiency in detecting VBAC exploits, providing robust application protection against different sets of VBAC attacks. Furthermore, it shows that BACAD framework addresses the VBAC problem by presenting an applicable, dynamic, flexible, and technology-independent solution to counter VBAC vulnerability risks. Thus, BACAD framework contributes significantly to the ongoing efforts aimed to enhance web application security. | |
| 520 | 3 | _aثغرة كسر التحكم في الوصول الرأسي (VBAC) تُعد من أكثر الثغرات شيوعًا وخطورة في تطبيقات الويب، مما يجعل معالجتها أمرًا ضروريًا لحماية سرية وسلامة الأنظمة. تم إجراء دراسة شاملة لاستكشاف طرق الكشف عن هذه الهجمات والوقاية منها، مع التركيز على الحلول الحالية ومحدودياتها. وفي هذا السياق، تم ابتكار إطار جديد يُسمى BACAD، يعتمد على تقنيات الذكاء الاصطناعي لاكتشاف هجمات VBAC والتصدي لها في الوقت الفعلي. يتكون BACAD من مرحلتين: الأولى تصنيف دور المستخدم باستخدام نموذج ذكاء اصطناعي مدرّب، والثانية اتخاذ القرار من خلال مقارنة الطلبات مع معلومات الجلسة للتحقق من كونها هجمات أم لا. يتميز BACAD بكفاءته العالية ومرونته، ويُظهر فاعلية في حماية التطبيقات من أنواع متعددة من هجمات VBAC، مما يجعله مساهمة مهمة في تحسين أمان تطبيقات الويب | |
| 530 | _aIssues also as CD. | ||
| 546 | _aText in English and abstract in Arabic & English. | ||
| 650 | 0 | _aComputer security | |
| 650 | 0 | _aأمن الحاسوب | |
| 653 | 1 |
_aBroken Access Control _aVertical Access Control Vulnerabilities _aVertical Access Control Exploitation _aVertical Access Control Attacks _aBroken Access Control Attack Detector _aWeb Application Security _aLogical Vulnerabilities _aExploit Detection _aكاشف هجمات كسر التحكم في الوصول _aثغرات التحكم الرأسي في الوصول |
|
| 700 | 0 |
_aSalwa Ahmed Saad Ali El-Gamal _ethesis advisor. |
|
| 700 | 0 |
_aBasheer Abdel Fattah Youssef _ethesis advisor. |
|
| 900 |
_b01-01-2025 _cSalwa Ahmed Saad Ali El-Gamal _cBasheer Abdel Fattah Youssef _UCairo University _FFaculty of Computers and Artificial Intelligence _DDepartment of Computer Science |
||
| 905 |
_aShimaa _eEman Ghareb |
||
| 942 |
_2ddc _cTH _e21 _n0 |
||
| 999 | _c177425 | ||