Metin, Bilgin, Wynn, Martin G ORCID: https://orcid.org/0000-0001-7619-6079, Tunali, Aylin and Kepir, Yagmur
(2025)
Business Logic Vulnerabilities in the Digital Era: A Detection Framework Using Artificial Intelligence.
Information, 16 (585).
pp. 1-22.
doi:10.3390/info16070585
Text: 15168 Metin, B. et al.(2025) Business Logic Vulnerabilities in the Digital Era.pdf - Published Version. Available under License Creative Commons Attribution 4.0.
Abstract
Digitalisation can positively impact the efficiency of real-world business processes, but may also introduce new cybersecurity challenges. One area that is particularly vulnerable to cyber-attacks is the business logic embedded in processes in which flaws may exist. This is especially the case when these processes are within web-based applications and services, which are increasingly becoming the norm for many organisations. Business logic vulnerabilities (BLVs) can emerge following the software development process, which may be difficult to detect by vulnerability detection tools. Through a systematic literature review and interviews with industry practitioners, this study identifies key BLV types and the challenges in detecting them. The paper proposes an eight-stage operational framework that leverages Artificial Intelligence (AI) for enhanced BLV detection and mitigation. The research findings contribute to the rapidly evolving theory and practice in this field of study, highlighting the current reliance on manual detection, the contextual nature of BLVs, and the need for a hybrid, multi-layered approach integrating human expertise with AI tools. The study concludes by emphasizing AI’s potential to transform cybersecurity from a reactive to a proactive defense against evolving vulnerabilities and threats.
| Item Type: | Article |
|---|---|
| Article Type: | Article |
| Subjects: | T Technology > T Technology (General) |
| Divisions: | Schools and Research Institutes > School of Business, Computing and Social Sciences |
| Depositing User: | Martin Wynn |
| Date Deposited: | 11 Jul 2025 10:42 |
| Last Modified: | 11 Jul 2025 11:00 |
| URI: | https://eprints.glos.ac.uk/id/eprint/15168 |