EXPLORING SOFTWARE VULNERABILITIES AND CYBER THREATS LANDSCAPE USING MACHINE LEARNING: A COMPREHENSIVE REVIEW

Abstract

Software vulnerabilities become higher risks for web-based applications, specifically, these vulnerabilities are multiplying several times, with the new era of generative AI (Genai). These challenges can be better addressed with the help of AI. Hence, this comprehensive review will provide in-depth studies, approaches, and mechanisms where Machine Learning (ML) can be a tool/way to handle these recent vulnerability challenges in a better way.  According to the Bureau’s analysis, 12.5$ billion in 2023 and more than triple in 2019 were recorded in cybercrime complaints. The loss grew significantly in 2024, which shows that data breaches are increasing, which is impacting the various technological software sectors, where web-apps are playing the main role.  One of the examples related to the healthcare Industry's 54.4% increase in breach costs, approximately 10.94$ billion in 2023 from 2020. Further, in 2023, the number of cyberattacks that used credentials that had been stolen or compromised increased by 72%. In 2023, manufacturing accounted for more than 26% of attacks, making it the most affected industry. This research mainly common vulnerabilities. including identification and authentication failures, and software and data integrity failures.  Using ML to detect, identify, and suggest appropriate solutions/models for the stated vulnerability issues could be the best possible solution based on the literature.

This research considered a thorough literature review and found that Machine learning based approaches for the vulnerabilities detection is far better compared to the existing approaches for web apps. Further, this in-depth research found that the SQL injection attack group is severe for web apps. We also consider the manual, static, dynamic and hybrid approaches as well. This research provides the research challenges and opportunities related to web app vulnerabilities in detail.