A Machine Learning based Approach to Identify SQL Injection Vulnerabilities (ASE 2019 - Student Research Competition) - ASE 2019

Sun 10 - Fri 15 November 2019 San Diego, California, United States

Track

ASE 2019 Student Research Competition

Time Zone

The program is currently displayed in (GMT-08:00) Tijuana, Baja California.

Use conference time zone: (GMT-08:00) Tijuana, Baja CaliforniaSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

When

Tue 12 Nov 2019 15:20 - 16:00 at Kensington Ballroom - Poster Session: Student Research Competition
Wed 13 Nov 2019 14:25 - 14:40 at South Park - Student Research Competition - Selected Presentations (Undergraduate) Chair(s): Jin L.C. Guo, Jie M. Zhang

Abstract

This paper presents a machine learning classifier designed to identify SQL injection vulnerabilities in PHP code. Both classical and deep learning based machine learning algorithms were used to train and evaluate classifier models using input validation and sanitization features extracted from source code files. On ten-fold cross validations a model trained using Convolutional Neural Network(CNN) achieved the highest precision (95.4%), while a model based on Multilayer Perceptron (MLP) achieved the highest recall (63.7%) and the highest f-measure (0.746).

Time Zone

The program is currently displayed in (GMT-08:00) Tijuana, Baja California.

Use conference time zone: (GMT-08:00) Tijuana, Baja CaliforniaSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Session Program

Tue 12 Nov
Displayed time zone: Tijuana, Baja California change

	15:20 - 16:00	Poster Session: Student Research CompetitionStudent Research Competition at Kensington Ballroom

	15:20 40m		Boosting Neural Commit Message Generation with Code Semantic Analysis Student Research Competition Shuyao Jiang Fudan University
	15:20 40m		Toward Practical Automatic Program Repair Student Research Competition Ali Ghanbari Iowa State University
	15:20 40m		An Image-inspired and CNN-based Android Malware Detection Approach Student Research Competition Shao Yang Case Western Reserve University
	15:20 40m		An Approach for Investigating Emotion Dynamics in Software Development Student Research Competition Krishna Neupane Rochester Institute of Technology
	15:20 40m		A Machine Learning based Approach to Identify SQL Injection Vulnerabilities Student Research Competition Kevin Zhang Wayne State University
	15:20 40m		Retrieve and Refine: Exemplar-based Neural Comment Generation Student Research Competition Bolin Wei Peking University
	15:20 40m		Verifying Determinism in Sequential Programs Student Research Competition Rashmi Mudduluru University of Washington, Seattle
	15:20 40m		User Preference Aware Multimedia Pricing Model using Game Theory and Prospect Theory for Wireless Communications Student Research Competition Krishna Murthy Kattiyan Ramamoorthy San Diego State University
	15:20 40m		Empirical Study of Python Call Graph Student Research Competition Li Yu Nanjing University
	15:20 40m		Towards Comprehensible Representation of Controllers using Machine Learning Student Research Competition Gargi Balasubramaniam Birla Institute of Technology and Science, Pilani, K K Birla Goa Campus File Attached
	15:20 40m		API Design Implications of Boilerplate Client Code Student Research Competition Daye Nam Carnegie Mellon University
	15:20 40m		Compile-time detection of machine image sniping Student Research Competition Martin Kellogg University of Washington, Seattle
	15:20 40m		Crowdsourced Report Generation via Bug Screenshot Understanding Student Research Competition Shengcheng Yu Nanjing University, China File Attached

Wed 13 Nov
Displayed time zone: Tijuana, Baja California change

	13:40 - 15:20	Student Research Competition - Selected Presentations (Undergraduate)Student Research Competition at South Park Chair(s): Jin L.C. Guo McGill University, Jie M. Zhang University College London, UK

	13:40 15m		Crowdsourced Report Generation via Bug Screenshot Understanding Student Research Competition Shengcheng Yu Nanjing University, China File Attached
	13:55 15m		Towards Comprehensible Representation of Controllers using Machine Learning Student Research Competition Gargi Balasubramaniam Birla Institute of Technology and Science, Pilani, K K Birla Goa Campus File Attached
	14:10 15m		Empirical Study of Python Call Graph Student Research Competition Li Yu Nanjing University
	14:25 15m		A Machine Learning based Approach to Identify SQL Injection Vulnerabilities Student Research Competition Kevin Zhang Wayne State University
	14:40 15m		Boosting Neural Commit Message Generation with Code Semantic Analysis Student Research Competition Shuyao Jiang Fudan University

Kevin Zhang

Wayne State University