Chavez Quiroz Gabriela Guadalupe (PhD student, Peter the Great St. Petersburg Polytechnic University)
Voinov Nikita Vladimirovich (PhD, Associate Professor, Peter the Great St. Petersburg Polytechnic University (SPbPU))
This study analyzes systematic errors in machine learning models for SSRF vulnerability detection. Key findings reveal: (1) confusion between basic and advanced SSRF variants (38% of errors) associated with HTTP 403 responses and 2800–3200-byte payloads; (2) false positives in legitimate traffic (42%) triggered by ≥2 redirects or PUT/POST methods; and (3) synthetic dataset limitations (20%) when processing internal API requests to non-standard ports (8080/8443). The stacking ensemble model achieved optimal performance (96.3% accuracy), reducing false positives to 1.2%. SHAP analysis informed three key improvements: multi-level traffic verification, prioritized cloud metadata features (SHAP >0.15), and a new response-to-request size ratio feature. The research highlights the necessity of hybrid datasets combining synthetic and real-world data, particularly for edge cases in classes 4, 5, and 11. Proposed solutions address feature ambiguity while preserving the advantages of automated detection systems.
Keywords: SSRF vulnerabilities (Server-Side Request Forgery), Machine Learning, Vulnerability Detection, Error analysis, Synthetic dataset
Citation link: Chavez Quiroz G. G., Voinov N. V. ERROR ANALYSIS IN MACHINE LEARNING FOR SSRF DETECTION // Современная наука: актуальные проблемы теории и практики. Серия: Естественные и Технические Науки. -2025. -№10. -С. 174-176 DOI 10.37882/2223-2966.2025.10.44