Adaptive Application Security Testing with AI Automation

Authors

  • Pavan Paidy, AppSec Lead at FINRA, USA

DOI:

https://doi.org/10.63282/3050-9416.IJAIBDCMS-V4I1P106

Keywords:

Adaptive Security Testing, Application Security, AI Automation, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Machine Learning, DevSecOps, Threat Modeling, Continuous Integration and Continuous Deployment (CI/CD), Security Orchestration, Vulnerability Management, Secure Software Development Lifecycle (SDLC), Predictive Risk Scoring, Interactive Application Security Testing (IAST), Runtime Application Self-Protection (RASP)

Abstract

Conventional security testing methods can fall short in today's fast-changing threat landscape, given the fluid nature of modern applications. This article investigates Adaptive Application Security Testing (AAST), a dynamic approach that changes testing strategies in real time based on application activity, user behavior, and newly found vulnerabilities. To increase flexibility, the study offers an AI-based automated system that integrates ML algorithms which continuously learn from security events, code changes, and user interactions. In reaction to contextual indicators such as the latest feature deployments or aberrant behavior, this adaptive solution initiates security tests, making testing more flexible and more efficient than static or scheduled testing. By combining dynamic application security testing (DAST), static application security testing (SAST), and real-time behavioral analysis, the AI framework improves vulnerability identification, reducing false positives and manual effort. A case study of a banking application, emphasizing improvements in detection rate, response time, and overall system resilience, shows the model's ability to reveal complex security vulnerabilities missed by conventional methodologies. Key findings highlight how well adaptive testing can improve security protocols by aligning testing activities with real-world usage patterns, thereby streamlining development processes. The implications for the sector are significant, pointing to a shift from irregular, reactive testing to continuous, intelligent security validation integrated into the DevSecOps process. This change helps companies reduce their remediation costs, proactively protect against the latest vulnerabilities, and speed up secure software deployment.

Published

2023-03-31

Section

Articles

How to Cite

Paidy P. Adaptive Application Security Testing with AI Automation. IJAIBDCMS [Internet]. 2023 Mar. 31 [cited 2025 Oct. 2];4(1):55-63. Available from: https://ijaibdcms.org/index.php/ijaibdcms/article/view/131