INTELLIGENT COMPUTER SYSTEM FOR AUTOMATIC DETECTION OF WEB APPLICATION VULNERABILITIES AND THREAT CLASSIFICATION
DOI:
https://doi.org/10.31891/2219-9365-2026-85-45
Keywords:
web security, vulnerability detection, intelligent system, machine learning, Large Language Models, LLM, Transformers, GNN, OWASP Top 10, CWE, DevSecOps
Abstract
The article investigates the problem of automated detection and classification of web application vulnerabilities using intelligent computer systems in a continuous development cycle. A systematic analysis of modern approaches to malware and cyberattack detection (SAST, DAST, SCA), including deception system architectures and machine learning methods, is carried out based on fundamental research by domestic and foreign scientists.
Current threats are reviewed according to the international standards OWASP Top 10:2021 and the CWE taxonomy. Special attention is paid to the application of Large Language Models (LLMs) and Transformer-based architectures to improve the accuracy of detecting logical vulnerabilities in source code, which represents a promising advancement over traditional static scanners.
The authors propose a conceptual architecture of an intelligent system based on the synergy of Graph Neural Networks (GNNs) and LLMs to provide semantic analysis and context-aware threat prioritization using extended CVSS metrics. The feasibility of introducing a module that normalizes data from heterogeneous scanners into a unified feature space is substantiated. Experimental results demonstrate a significant reduction in the False Positive rate and an increase in the F1-score when using the hybrid model. The study is of practical interest to cybersecurity professionals, DevSecOps engineers, and developers of automated audit tools.
License
Copyright (c) 2026 Андрій ДРОЗД, Дмитро МИКУЛЯК

This work is licensed under a Creative Commons Attribution 4.0 International License.

