softwareengineering is the process of systematic, disciplined, quantifiable approach that has significant impact on large-scale and complex softwaredevelopment. Scores of well-established software process models hav...
详细信息
software supply chain attacks occur during the processes of producing software is compromised, resulting in vulnerabilities that target downstream customers. While the number of successful exploits is limited, the imp...
详细信息
ISBN:
(数字)9781665476799
ISBN:
(纸本)9781665476805
software supply chain attacks occur during the processes of producing software is compromised, resulting in vulnerabilities that target downstream customers. While the number of successful exploits is limited, the impact of these attacks is significant. Despite increased awareness and research into software supply chain attacks, there is limited information available on mitigating or architecting for these risks, and existing information is focused on singular and independent elements of the supply chain. In this paper, we extensively review software supply chain security using softwaredevelopment tools and infrastructure. We investigate the path that attackers find is least resistant followed by adapting and finding the next best way to complete an attack. We also provide a thorough discussion on how common software supply chain attacks can be prevented, preventing malicious hackers from gaining access to an organization's development tools and infrastructure including the development environment. We considered various SSC attacks on stolen code-sign certificates by malicious attackers and prevented unnoticed malware from passing by security scanners. We are aiming to extend our research to contribute to preventing software supply chain attacks by proposing novel techniques and frameworks.
People's personal hygiene habits speak volumes about the condition of taking care of their bodies and health in daily lifestyle. Maintaining good hygiene practices not only reduces the chances of contracting a dis...
详细信息
This paper deals with the problem of detecting the malware by using emulation approach. Modern malware include various avoid techniques, to hide its anomaly actions. Advantages of using sandbox and emulation technolog...
This paper deals with the problem of detecting the malware by using emulation approach. Modern malware include various avoid techniques, to hide its anomaly actions. Advantages of using sandbox and emulation technologies are described. Various anti-emulation techniques that are used in modern malware considered. Obfuscation as one primary approach to hide malware malicious actions described and discussed. State of emulator is presented, and the advantages of its usage are covered. Distributed model for malware detection is considered. Basic emulator and its current capabilities presented. Prepared files that represent malware are described. Experimental results for developed files that differs with included avoid techniques are presented. Disadvantages of proposed approach is described. Future research and sandbox improvement are described.
Requirements are elicited from the customer and other stakeholders through an iterative process of interviews, prototyping, and other interactive sessions. Then, requirements can be further extended, based on the anal...
详细信息
The primary goal of the authentic learning provides students with an engaging and motivating learning environment for students with hands-on experiences in solving real-world security problems. Each learning topic con...
详细信息
ISBN:
(数字)9781665488105
ISBN:
(纸本)9781665488112
The primary goal of the authentic learning provides students with an engaging and motivating learning environment for students with hands-on experiences in solving real-world security problems. Each learning topic consists of pre-lab, lab, and post-lab (Pre/Lab/Post) activities. With an authentic learning approach, we design and develop portable labware on Google CoLab for ML for ransomware detection and prevention so that students can access and practice these hands-on labs anywhere and anytime without time tedious installation and configuration which will help students more focus on learning of concepts and getting more experience for hands-on problem-solving skills.
Elections make a fundamental contribution to democratic governance and are very important to select the appropriate person to determine the fate of a nation while a large number of citizens do not trust the ballot-pap...
详细信息
Elections make a fundamental contribution to democratic governance and are very important to select the appropriate person to determine the fate of a nation while a large number of citizens do not trust the ballot-paper-based voting system. As a result, e-Voting is being adopted by various countries throughout the world. With advantages, there are a number of constraints of e-voting systems, a single vulnerability can lead to large-scale manipulations of voting results. Leveraging and intersecting both cutting-edge technologies including biometric and blockchain technology can address the limitations of current e-Voting frameworks. In this research, we analyze the requirements for systems modeling of voting technology and possible opportunities to adopt biometrics and blockchain technology. Based on the requirements analysis, we propose a biometric-enabled and hyperledger fabric-based voting framework to automate identity verification that will ensure transparency and security of electronic voting. We utilize the software architecture analysis method and active reviews for intermediate designs for evaluating the proposed framework. Demonstration indicates the efficiency and quality attributes of architectural design that shall lead us to implement the system in real-world scenarios in future studies. Initially, we develop a Webbased prototype to demonstrate the framework. In future studies, we aim to implement on large scale and evaluate the prototype against the requirements and security standard.
The promise of quantum computing is not speeding up conventional computing rather delivering an exponential advantage for certain classes of problems, with profound implications for cybersecurity for instance. With th...
详细信息
Bridges play a vital part in the transportation system by ensuring the connectedness of transportation systems, which is critical for a country’s social and economic prosperity by offering daily mobility to the peopl...
详细信息
ISBN:
(纸本)9781665480468
Bridges play a vital part in the transportation system by ensuring the connectedness of transportation systems, which is critical for a country’s social and economic prosperity by offering daily mobility to the people. However, according to the American Society of Civil Engineers (ASCE 2017), many U.S. bridges are in critical condition, raising safety issues, with 9.1 and 13.6 percent of the country’s 614,387 bridges, respectively, structurally defective, and functionally obsolete. Every day, 178 million people traverse these structurally defective bridges. Furthermore, the average annual failure rate is expected to be between 87 and 222. Bridge breakdowns have disastrous repercussions, and in many cases, result in death. While bridge authorities strive to improve bridge conditions, budget limits make it difficult to make cost-effective maintenance decisions. Bridge authorities distribute limited repair resources based on projected future bridge conditions. As a result, building a data-driven, autonomous, and effective bridge condition prediction model is critical for improving maintenance decision-making. In this paper, we present a novel bridge condition prediction framework using advanced Machine Learning (ML) algorithms on the National Bridge Inventory (NBI) dataset. The framework consists of two stages, where the most informative features from the NBI dataset are selected using the Recursive Feature Elimination process and in the 2 nd step, ML classifiers are applied to the selected features for bridge condition prediction. The experimental results show that the proposed framework can effectively predict bridge conditions by producing highly accurate results in terms of accuracy, precision, recall, and f1-score.
The problem of the rational use of energy resources remains constantly relevant and requires the search for new approaches. One of them is power control. In AC circuits, the authors see the most promising method of ph...
The problem of the rational use of energy resources remains constantly relevant and requires the search for new approaches. One of them is power control. In AC circuits, the authors see the most promising method of phase AC power control. Based on it, a power control module was developed. The structural and circuit diagrams of the developed device are presented to implement the proposed solution. The authors produced its experimental prototype and conducted experimental testing at various levels of regulated power. Savings when using the proposed power control module were calculated using the example of energy consumption in various sectors of energy-intensive systems. According to the data obtained, the module allows saving energy consumption without significant discomfort to the energy user. The calculated results allow concluding that the proposed AC power control module is fully operational, and its widespread use will significantly reduce the need for electricity.
暂无评论