Researchers at the University of Oslo are working on a new method that uses machine learning to find SQL injection (SQLi) vulnerabilities in web applications. The method relies on reinforcement learning to automate the discovery of SQLi vulnerabilities.
Although the method the researchers propose for finding these flaws is not yet ready and has some disadvantages, it paves the way for the development of machine learning models for penetration testing and security assessment.
To demonstrate their method, the researchers ran a test similar to a Capture the Flag game. The agent, trained by reinforcement learning, had to obtain information about the targeted website by exploiting an SQLi vulnerability. The requests sent to the system were the agent's possible actions, and the reward was the flag token it was meant to obtain.
At the beginning, the researchers sent many random requests and analyzed the rewards. Gradually, they built a model that carried out the attack successfully, sending an average of four to five requests.
Existing automated SQL injection tools rely on predefined static rules, which makes their use very limited. The advantage of reinforcement learning is that the attack logic is neither predefined nor static. The agent has only a set of actions and learns the optimal strategy through examples. At first, the agent must learn the simplest things, but as it learns it can pick up the non-trivial or hidden features of exploiting SQLi, or take into account additional features for exploitation, such as manipulating the site's content.
With international agencies
See the original post at: https://www.cisoadvisor.com.br/aprendizado-de-maquina-vai-ajudar-na-localizacao-de-sqli/?rand=59039