Layered Web Security for Transportation Systems Using Machine Learning and Ruby on Rails Framework

Transport Means 2025: Proceedings of 29th International Scientific Conference 2025
Antons Patļins, Nils Artūrs Busalovs

The increasing digitalization of transportation systems exposes them to growing cybersecurity risks, including SQL injection, XSS, CSRF, and DDoS attacks. This paper proposes a multi-layered web application security framework tailored for smart mobility platforms, integrating traditional OWASP practices with machine learning techniques. A Ruby on Rails-based tool, Risk Hunter is designed to detect and respond to malicious traffic using behavioral analysis and customizable CSRF checking, as well as detecting data strings related to malicious XSS scripts and SQL injections. Testing confirms the tool's effectiveness in mitigating threats such as DDoS, XSS, CSRF, and SQL injections. The framework offers a scalable, modular solution to enhance cyber resilience in transportation infrastructure.

Keywords
web application security, smart mobility, transportation cybersecurity, machine learning, Ruby on Rails, OWASP, SQL injection, XSS prevention, CSRF protection, DDoS mitigation, critical infrastructure, secure web architecture

Patļins, A., Busalovs, N. Layered Web Security for Transportation Systems Using Machine Learning and Ruby on Rails Framework. In: Transport Means 2025: Proceedings of 29th International Scientific Conference, Lithuania, Klaipeda, 1-3 October, 2025. Kaunas: Kaunas University of Technology, 2025, pp.1-6.

Publication language
English (en)