Myles Foley

Myles Foley

Ph.D. Student in Computing

Myles is a PhD student at Imperial College London under the supervision of Dr. Sergio Maffeis in the Applied Computer Security (ACS) lab. Prior to this he received a Masters of Engineering from University College London, earning the ‘Outstanding MEng Graduating Student’ prize from the Department of Electronic and Electrical Engineering. His research focus is on applying Reinforcement Learning to Web Application Security. This involves the fuzz testing using deep reinforcement learning techniques to find vulnerabilties.

Scroll down for more details...

Hacking websites with Reinforcement Learning: an XSS story

Lightning Talk

Reinforcement Learning; Cross Site Scripting (XSS)

Broken authorisation leads to some of the most common vulnerabilities in web APIs. Using automated testing to find these vulnerabilities is difficult due to dependencies on access control policy, and the specific vulnerability. In this talk, we discuss how a reinforcement learning implementation can be developed to maximise the potential to find broken authorisation vulnerabilities in web APIs. We will focus on the specific problems associated with forming it into an RL game, and generalisation to multiple APIs. The selected implementation is then tested against to confirm its ability to find vulnerabilities.