jU UNiveRSUM:
№10(127)_ЛД ТЕХНИЧЕСКИЕ НАУКИ_октябрь. 2024 г.
DOI - 10.32743/UniTech.2024.127.10.18457 ANALYSIS OF OPTIONS FOR USING AI TO PROTECT WEB RESOURCES
Philip Okhonko
Application Security Engineer, Tential, United States, Florida, Pensacola E-mail: philip. [email protected]
АНАЛИЗ ВАРИАНТОВ ИСПОЛЬЗОВАНИЯ ИИ ДЛЯ ЗАЩИТЫ ВЕБ-РЕСУРСОВ
Охонько Филипп Сергеевич
Инженер по безопасности приложений, Tential, США, Флорида, Пенсакола
ABSTRACT
The issues of data protection when working in a web environment have long been in the forefront. A large number of technologies and methods for implementing websites and web services, a huge number of network users, open transmission protocols - these and many other factors have made the global network a favorable environment for intruders. In order to protect against them, developers use various approaches to ensure the security of their applications, and artificial intelligence is today considered one of the promising technologies in the field of information security. In this regard, consideration of the capabilities of AI in matters of ensuring the protection of web applications is relevant.
АННОТАЦИЯ
Вопросы защиты данных при работе в веб-среде уже давно вышли на первое место. Большое число технологий и методов реализации веб-сайтов и веб-сервисов, огромное количество пользователей сети, открытые протоколы передачи - эти и еще множество факторов сделали глобальную сеть благоприятной средой для злоумышленников. С целью защиты от них разработчики используют различных подходы обеспечения безопасности своих приложений, и искусственный интеллект сегодня считается одной из перспективных технологий в сфере ИБ. В связи с этим рассмотрение возможностей ИИ в вопросах обеспечения защиты веб-приложений является актуальной.
Keywords: information security, web application protection, artificial intelligence, ensuring information security.
Ключевые слова: информационная безопасность, защита веб-приложений, искусственный интеллект, обеспечение информационной безопасности.
Artificial intelligence is increasingly used today to solve a wide variety of problems in many areas of human activity, primarily in areas such as information security and web development. The use of AI here has allowed us to develop new approaches to solving problems, improve user experience, and obtain new services and mechanisms. Applications accessible via the Internet have always been an attractive target for intruders who could use a variety of attack vectors and techniques to implement them. For this reason, it has always been considered important to ensure their security at a high level. Speaking about the use of artificial intelligence mechanisms in the context of ensuring the information
security of web applications, the main goal in this case will be, first of all, ensuring a high level of protection.
Today, information security solutions based on artificial intelligence mechanics allow solving a wide variety of tasks, such as preventing cyberattacks and data leaks, providing access control and management in conjunction with monitoring user behavior and recording unauthorized operations. In addition, this type of solution can search for vulnerabilities in program code and application operation, analyze and block unwanted actions, etc. This is only a short list of AI capabilities. Let us present the most common areas of artificial intelligence use in web application security at the current time. They are presented in Figure 1.
Библиографическое описание: Okhonko P. ANALYSIS OF OPTIONS FOR USING AI TO PROTECT WEB RESOURCES // Universum: технические науки: электрон. научн. журн. 2024. 10(127). URL:
https://7universum.com/ru/tech/archive/item/18457
№ 10 (127)
PKraGpb, 2024 r.
Using AI for Web Application Security
Checking the code Testing for vulnerabilities Countering attacks
Figure 1. Directions for using AI in web application security
Let's consider the presented approaches to ensuring the security of web applications using AI in more detail.
Code checking for vulnerabilities is usually performed at the testing stage, but in the case of using AI, this will become possible even at the writing stage. It has long been noted that AI can help in a variety of areas
of development, including the web. Its role can be quite diverse - from checking for errors in the code text, to checking the code for vulnerabilities. The complexity of checking the code of this type of application is directly related to their architecture, shown in Figure 2.
Client Request Application Server SQL Database Server Database
Response RS
Figure 2. Web application architecture
A typical web application includes a client and a server part, and the latter in turn can consist of several server solutions. This complicates the procedures for monitoring vulnerabilities in the code, especially when working in a team, when different developers work on each part of the service. In this situation, the use of AI will be a fairly justified solution, and special AI training programs can be used for this, as well as a single knowledge base can be formed. Its use will subsequently provide developers with mechanisms for training artificial intelligence, which will receive information regarding all typical errors and vulnerabilities and will be able to warn developers about their presence directly at the stage of writing the program code, structuring the identified vulnerabilities into various levels of danger. As an example of systems that provide control over work with code based on AI, we can present the AI assistant "Ghostwriter" as part of the IDE Replit, functioning in the format of a chat bot. In addition to the typical functions of providing auto-completion of the code, this assistant performs a check "on the fly", indicating errors and potential vulnerabilities. Another solution is the CodeWhisperer assistant, which analyzes the code as it is written and provides the necessary recommendations for its improvement, as well as eliminating potentially vulnerable points in terms of security.
The next direction is the use of artificial intelligence in web application testing. In desktop testing, AI has already begun to be used by major software developers to implement automatic testing mechanisms - AI develops test scenarios and also executes them independently.
This allows identifying the maximum percentage of existing errors and generating structured reports.
Speaking about web applications, they require mandatory serious testing and debugging procedures. The use of artificial intelligence will allow high-quality automation of these processes, and in this case, identify both errors related to the functionality of products of this class, and identify vulnerabilities in relation to their security. The final result of using AI in testing web resources is an increase in the stability and quality of their functioning in combination with a high level of reliability and protection. As an example of a system that simplifies the testing and debugging processes from a security point of view, developers can use various tools. One example is the GPT Pilot assistant, which performs unit tests at the development stage, providing the results to developers and testers, and leaving them with full control over the decisions made.
The above options relate to the processes of developing and debugging applications operating in a web environment. However, this is not enough, especially for large solutions. Additional protection should be provided for the application itself and its environment - the server operating system and the platform on which everything is located. And in this case, a special complex is used aimed at protecting web applications, called a web application firewall (WAF). It is a complex system of protection against various categories of attacks from outside, while ensuring the availability of the web application for ordinary users. Figure 3 shows the principle of WAF operation.
№ 10 (127)
QKra6pb, 2024 r.
Figure 3. WAF operating principle
The functioning of WAF involves control and protection in a number of areas:
• checking the transmitted information for compliance with protocols;
• control of transmitted traffic;
• signature analysis;
• protection against code injections, as well as XSS and DDOS attacks;
• performing reputation analysis.
The basis for the functioning of firewalls for web applications is the use of mechanisms for studying the behavior of applications and users. This allows you to identify not only external attacks during the operation of applications, but also to determine possible vulnerabilities that were not detected during the development and testing of this application. To do this, the protection system not only controls access to applications, but also tracks the data entered into fields and forms, checks data entry, transmitted traffic, created cookies. All this together allows you to build a picture of the application's behavior, which has long been actively implemented using AI, and is even implemented in many modern WAFs. Through the use of machine learning, security specialists promptly receive alerts regarding all deviations in behavior. More advanced Al-based systems can
make decisions on their own regarding operations and procedures that need to be performed in the event of deviations in behavior or detection of a threat. The presence of self-learning mechanisms allows you to accumulate your own knowledge base, with the help of which AI can quickly identify the emergence of threats, while avoiding false positives. Nemesida WAF and Continent WAF are striking examples of firewalls for web applications based on the use of AI. Their developers claim to detect 99.9% of all attacks on web applications and the ability to identify vulnerabilities in the operation of systems, which are high indicators of the functioning of this type of applications.
In conclusion, it is important to note that AI has made a significant contribution to the development and protection of web applications. It provides benefits of both financial and labor nature - reducing the amount of information processed manually. This allows developers and testers to implement applications with a minimum amount of possible vulnerabilities in their composition. AI also performs a significant amount of work for information security specialists. It will not replace them completely, but will become a powerful tool that simplifies their work and takes it to a new level.
References:
1. Ganzhur, A.P. Content Security Policy / A.P. Ganzhur, A.S. Otakulov, N.V. Dyachenko // Young researcher of the Don. 2021. No. 6 (33). P. 41-44.
2. Using AI in Software Development. URL: https://ict.moscow/research/al-in-software-development-2024-survey/ (accessed 11.09.2024)
3. Kultygin O.P. Using Artificial Intelligence - Reality and Prospects / Applied Informatics. 2019. No. 2.
4. Kuprikov N.M., Bashkirova E.A. Standardization Issues in the Sphere of Artificial Intelligence / Competence (Russia). 2022. No. 3.
5. Lavrishcheva, E.M. Software engineering and programming technologies for complex systems: a textbook for universities / E.M. Lavrishcheva. 2nd ed., corrected. and add. Moscow: Yurait Publishing House, 2023. 432 p.
6. Poluektova, N.R. Web application development: a textbook for universities / N.R. Poluektova. Moscow: Yurait Publishing House, 2024. 204 p.
7. Denisenko V.V., Yashchenko A.S., Chesnikov L.S. Application of artificial intelligence in the development of mobile applications // International Journal of Humanities and Natural Sciences. 2023. No. 2-2 (77). URL: https://cyber-leninka.ru/article/n/primenenie-iskusstvennogo-intellekta-v-razrabotke-mobilnyh-prilozheniy (date of access: 09/22/2024).
8. Tuzovsky, A.F. Design and development of web applications: a tutorial for universities / A.F. Tuzovsky. Moscow: Yurait Publishing House, 2024. 219 p.