This paper advances the field of software security by proposing an integrated approach for analysing both syntactic and semantic vulnerability patterns. Utilising a detailed vulnerability and attack library alongside ...
详细信息
ISBN:
(纸本)9798350366266;9798350366259
This paper advances the field of software security by proposing an integrated approach for analysing both syntactic and semantic vulnerability patterns. Utilising a detailed vulnerability and attack library alongside a verification tool for language-neutral threat assessment, this study enhances the detection and mitigation of security threats in diverse programming environments. The research builds upon and refines previous work by employing structured Threat Information eXpression (stIX) objects and XPath for syntactic analysis and introduces advanced semantic error detection techniques. A specialised tool developed and demonstrated previously to model vulnerability patterns from the MITRE database for comprehensive analysis to demonstrate the practical application of this research is now enhanced to add new features. This paper outlines the enhancements in the integrated analysis tool and shows its current features of detecting semantic vulnerability patterns using Infer. It also gives details of future development plans, which is the development of a web version, aiming to increase accessibility and utility. Highlighting the significance of a holistic vulnerability analysis approach, the research underscores the potential for future applications in securing open-source projects and broader software development practices.
In the era of rapidly evolving technological advancements and the growing importance of 21st-century skills and environmental consciousness, education systems face the challenge of providing personalized learning expe...
详细信息
With the advancement of digital transformation in various fields, the information industry has developed rapidly in the 21st century. Significant changes in system scale, research and development operation and mainten...
详细信息
ISBN:
(纸本)9798350381993;9798350382006
With the advancement of digital transformation in various fields, the information industry has developed rapidly in the 21st century. Significant changes in system scale, research and development operation and maintenance models, technical architecture, and user groups have made the impact of information system failures wider and more severe. Disaster recovery systems can protect the data and applications of information systems before disasters occur, ensure the security of data in the event of a disaster, and achieve rapid business recovery. They have become an indispensable foundation for modern data infrastructure. This article provides a brief introduction to various disaster recovery technologies, followed by a summary of the principles that should be followed during the construction process of the disaster recovery system. Finally, it provides a detailed introduction to how to execute and manage the entire process of the disaster recovery system construction and proposes corresponding suggestions.
The education landscape is undergoing a paradigm shift from a teacher-centric model, characterized by passive learning, to an active, student-centric approach. This paper explores innovative pedagogical approaches tha...
详细信息
暂无评论