AI-POWERED DEFENSE AGAINST SQL INJECTION, XSS, AND BRUTE-FORCE ATTACKS
Abstract:
The rising complexity of web applications has made them increasingly vulnerable to sophisticated cyberattacks such as SQL Injection (SQLi), Cross-Site Scripting (XSS), and brute-force login attempts. While traditional security mechanisms remain essential, recent advances in artificial intelligence (AI), particularly large language models like ChatGPT, offer new possibilities for both prevention and detection. This paper explores the integration of ChatGPT into secure coding practices and penetration testing workflows. We demonstrate how ChatGPT can be prompted to detect insecure coding patterns, suggest secure alternatives, and simulate attack payloads for testing. The paper also presents comparative results from using ChatGPT to detect and patch sample SQLi, XSS, and brute-force vulnerabilities in Python-based web applications. Our findings suggest that combining AI with conventional security frameworks significantly reduces vulnerability exposure and increases system resilience.
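An added example (not code from the paper) illustrating the three vulnerability classes the abstract names, in the Python web-application setting it describes: a string-built SQL query beside its parameterized form, output encoding against reflected XSS, and a per-account failed-login limiter against brute force. The in-memory `users` table, `LoginLimiter` and the function names are constructed for this illustration.

```python
import html
import sqlite3
import time


def make_db():
    # Constructed in-memory database so the example runs offline.
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users (name TEXT, pw TEXT)")
    con.execute("INSERT INTO users VALUES ('alice', 'secret')")
    return con


def login_vulnerable(con, name, pw):
    # Insecure pattern a code reviewer (human or AI) should flag:
    # user input is concatenated into SQL and can change its structure.
    q = f"SELECT COUNT(*) FROM users WHERE name='{name}' AND pw='{pw}'"
    return con.execute(q).fetchone()[0] > 0


def login_fixed(con, name, pw):
    # Parameterized query: input is bound as data, never parsed as SQL.
    q = "SELECT COUNT(*) FROM users WHERE name=? AND pw=?"
    return con.execute(q, (name, pw)).fetchone()[0] > 0


def render_greeting(name):
    # HTML-context output encoding neutralises reflected XSS.
    return f"<p>Hello, {html.escape(name, quote=True)}</p>"


class LoginLimiter:
    """Locks an account after max_attempts failures within window seconds."""

    def __init__(self, max_attempts=5, window=60):
        self.max_attempts, self.window = max_attempts, window
        self.attempts = {}  # account name -> list of failure timestamps

    def allowed(self, name, now=None):
        now = time.monotonic() if now is None else now
        recent = [t for t in self.attempts.get(name, []) if now - t < self.window]
        self.attempts[name] = recent  # discard failures outside the window
        return len(recent) < self.max_attempts

    def record_failure(self, name, now=None):
        now = time.monotonic() if now is None else now
        self.attempts.setdefault(name, []).append(now)
```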
