Buffer overflows are one of the most common software vulnerabilities that occur when more data is inserted into a buffer than it can hold. Various manual and automated techniques for detecting and fixing specific types of buffer overflow vulnerability have been proposed, but the solution to fix Unicode buffer overflow has not been proposed yet. Public security vulnerability repository e.g., Common Weakness Enumeration (CWE) holds useful articles about software security vulnerabilities. Mitigation strategies listed in CWE may be useful for fixing the specified software security vulnerabilities. This research contributes by developing a prototype that automatically fixes different types of buffer overflows by using the strategies suggested in CWE articles and existing research. A static analysis tool has been used to evaluate the performance of the developed prototype tools. The results suggest that the proposed approach can automatically fix buffer overflows without inducing errors.
Obfuscated computer virus detection using machine learning algorithmjournalBEEI
Nowadays, computer virus attacks are getting very advanced. New obfuscated computer virus created by computer virus writers will generate a new shape of computer virus automatically for every single iteration and download. This constantly evolving computer virus has caused significant threat to information security of computer users, organizations and even government. However, signature based detection technique which is used by the conventional anti-computer virus software in the market fails to identify it as signatures are unavailable. This research proposed an alternative approach to the traditional signature based detection method and investigated the use of machine learning technique for obfuscated computer virus detection. In this work, text strings are used and have been extracted from virus program codes as the features to generate a suitable classifier model that can correctly classify obfuscated virus files. Text string feature is used as it is informative and potentially only use small amount of memory space. Results show that unknown files can be correctly classified with 99.5% accuracy using SMO classifier model. Thus, it is believed that current computer virus defense can be strengthening through machine learning approach.
With the development and rapid growth in IT infrastructure, malicious code attacks are considered as the
main threat to cybersecurity. Malicious JavaScript’s which are intentionally crafted by the attackers inside the web page
over the web as an emerging security issue affecting millions of users. In past few years, a number of studies have been
conducted based on machine learning for detection of malicious JavaScript code attacks has demonstrated a poor
detection accuracy and increased performance overheads. In this paper, an effective interceptor approach for detection of
multivariate and novel malicious JavaScript’s based on deep learning is proposed and evaluated. Hybrid feature set based
on static and dynamic analysis were used. The dataset which was used in this study consists of 32,000 benign webpages
and 12,900 malicious pages. The experimental results show that this approach was able to detect 99.01% of new malicious
code variants.
International Journal of Computer Science and Information Security,IJCSIS ISSN 1947-5500, Pittsburgh, PA, USA
Email: ijcsiseditor@gmail.com
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
This document discusses the potential threat of a "Superworm", a theoretical worm that could incorporate successful propagation techniques from past worms to spread rapidly and cause widespread damage. It describes the features such a worm may have, including exploiting multiple vulnerabilities across many operating systems and using various proliferation methods. The document also examines a past university network security incident and two security technologies that could help detect and limit the spread of such a worm: an early worm detection system and a modified reverse proxy server.
Security against Web Application Attacks Using Ontology Based Intrusion Detec...IRJET Journal
The document presents a proposed ontology-based intrusion detection system to provide security against web application attacks. The system aims to address limitations of existing signature-based intrusion detection systems, such as high false positive and negative rates. The proposed system uses an ontology created with Protege to model web application attacks, vulnerabilities, threats and security controls. Rules are also defined to allow the system to predict and classify attacks based on the ontology. The system architecture includes components for system analysis, interface, rule engine, ontology generation and a knowledge base. The system is evaluated on its ability to detect common web attacks like SQL injection, cross-site scripting and buffer overflow attacks.
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
The document discusses database protection techniques against SQL injection and stored injection attacks. It proposes SEPTIC, a mechanism that protects databases from attacks by detecting and preventing malicious SQL queries within the database management system itself. SEPTIC compares queries to query models and flags any deviations, reducing false positives and negatives. It also introduces concepts like query quarantining and model aging. Additionally, it discusses applying instruction set randomization to SQL to make injected queries invalid.
Classification of Malware Attacks Using Machine Learning In Decision TreeCSCJournals
Predicting cyberattacks using machine learning has become imperative since cyberattacks have increased exponentially due to the stealthy and sophisticated nature of adversaries. To have situational awareness and achieve defence in depth, using machine learning for threat prediction has become a prerequisite for cyber threat intelligence gathering. Some approaches to mitigating malware attacks include the use of spam filters, firewalls, and IDS/IPS configurations to detect attacks. However, threat actors are deploying adversarial machine learning techniques to exploit vulnerabilities. This paper explores the viability of using machine learning methods to predict malware attacks and build a classifier to automatically detect and label an event as “Has Detection or No Detection”. The purpose is to predict the probability of malware penetration and the extent of manipulation on the network nodes for cyber threat intelligence. To demonstrate the applicability of our work, we use a decision tree (DT) algorithms to learn dataset for evaluation. The dataset was from Microsoft Malware threat prediction website Kaggle. We identify probably cyberattacks on smart grid, use attack scenarios to determine penetrations and manipulations. The results show that ML methods can be applied in smart grid cyber supply chain environment to detect cyberattacks and predict future trends.
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
Obfuscated computer virus detection using machine learning algorithmjournalBEEI
Nowadays, computer virus attacks are getting very advanced. New obfuscated computer virus created by computer virus writers will generate a new shape of computer virus automatically for every single iteration and download. This constantly evolving computer virus has caused significant threat to information security of computer users, organizations and even government. However, signature based detection technique which is used by the conventional anti-computer virus software in the market fails to identify it as signatures are unavailable. This research proposed an alternative approach to the traditional signature based detection method and investigated the use of machine learning technique for obfuscated computer virus detection. In this work, text strings are used and have been extracted from virus program codes as the features to generate a suitable classifier model that can correctly classify obfuscated virus files. Text string feature is used as it is informative and potentially only use small amount of memory space. Results show that unknown files can be correctly classified with 99.5% accuracy using SMO classifier model. Thus, it is believed that current computer virus defense can be strengthening through machine learning approach.
With the development and rapid growth in IT infrastructure, malicious code attacks are considered as the
main threat to cybersecurity. Malicious JavaScript’s which are intentionally crafted by the attackers inside the web page
over the web as an emerging security issue affecting millions of users. In past few years, a number of studies have been
conducted based on machine learning for detection of malicious JavaScript code attacks has demonstrated a poor
detection accuracy and increased performance overheads. In this paper, an effective interceptor approach for detection of
multivariate and novel malicious JavaScript’s based on deep learning is proposed and evaluated. Hybrid feature set based
on static and dynamic analysis were used. The dataset which was used in this study consists of 32,000 benign webpages
and 12,900 malicious pages. The experimental results show that this approach was able to detect 99.01% of new malicious
code variants.
International Journal of Computer Science and Information Security,IJCSIS ISSN 1947-5500, Pittsburgh, PA, USA
Email: ijcsiseditor@gmail.com
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
This document discusses the potential threat of a "Superworm", a theoretical worm that could incorporate successful propagation techniques from past worms to spread rapidly and cause widespread damage. It describes the features such a worm may have, including exploiting multiple vulnerabilities across many operating systems and using various proliferation methods. The document also examines a past university network security incident and two security technologies that could help detect and limit the spread of such a worm: an early worm detection system and a modified reverse proxy server.
Security against Web Application Attacks Using Ontology Based Intrusion Detec...IRJET Journal
The document presents a proposed ontology-based intrusion detection system to provide security against web application attacks. The system aims to address limitations of existing signature-based intrusion detection systems, such as high false positive and negative rates. The proposed system uses an ontology created with Protege to model web application attacks, vulnerabilities, threats and security controls. Rules are also defined to allow the system to predict and classify attacks based on the ontology. The system architecture includes components for system analysis, interface, rule engine, ontology generation and a knowledge base. The system is evaluated on its ability to detect common web attacks like SQL injection, cross-site scripting and buffer overflow attacks.
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
The document discusses database protection techniques against SQL injection and stored injection attacks. It proposes SEPTIC, a mechanism that protects databases from attacks by detecting and preventing malicious SQL queries within the database management system itself. SEPTIC compares queries to query models and flags any deviations, reducing false positives and negatives. It also introduces concepts like query quarantining and model aging. Additionally, it discusses applying instruction set randomization to SQL to make injected queries invalid.
Classification of Malware Attacks Using Machine Learning In Decision TreeCSCJournals
Predicting cyberattacks using machine learning has become imperative since cyberattacks have increased exponentially due to the stealthy and sophisticated nature of adversaries. To have situational awareness and achieve defence in depth, using machine learning for threat prediction has become a prerequisite for cyber threat intelligence gathering. Some approaches to mitigating malware attacks include the use of spam filters, firewalls, and IDS/IPS configurations to detect attacks. However, threat actors are deploying adversarial machine learning techniques to exploit vulnerabilities. This paper explores the viability of using machine learning methods to predict malware attacks and build a classifier to automatically detect and label an event as “Has Detection or No Detection”. The purpose is to predict the probability of malware penetration and the extent of manipulation on the network nodes for cyber threat intelligence. To demonstrate the applicability of our work, we use a decision tree (DT) algorithms to learn dataset for evaluation. The dataset was from Microsoft Malware threat prediction website Kaggle. We identify probably cyberattacks on smart grid, use attack scenarios to determine penetrations and manipulations. The results show that ML methods can be applied in smart grid cyber supply chain environment to detect cyberattacks and predict future trends.
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
Resource Allocation for Antivirus Cloud AppliancesIOSR Journals
This document discusses resource allocation for antivirus cloud appliances. It proposes using a search-based optimization approach called the Automatic Cloud Antivirus Configurator (ACAC) to solve the resource allocation problem in cloud-based antivirus deployments. ACAC includes a configuration enumerator that implements a search algorithm to enumerate resource allocations. It also includes a parameter calibration process and an antivirus cost model to estimate the cost of scanning files under different resource allocations. The cost model depends on factors like total file size, code segment size, and embedded files, but no single parameter can reliably predict scanning time on its own.
Ijeee 51-57-preventing sql injection attacks in web applicationKumar Goud
The document discusses preventing SQL injection attacks in web applications. It describes how SQL injection allows attackers to gain unauthorized access to data underlying web applications. The authors propose a new application-specific encoding algorithm based on randomization to detect and prevent SQL injection attacks. This approach imposes low overhead on applications and requires minimal preparation, achieving efficiency through a specialized library that accurately tracks trusted strings at runtime.
This document proposes a Rational Unified Treatment approach for Web Application Vulnerability Assessment (WVA). It implements the Rational Unified Process (RUP) framework to iteratively identify vulnerabilities. The approach discovers assets, audits for risks and threats, exploits identified vulnerabilities, and provides mitigation steps. It was tested on a web application using the w3af security scanner. The results generated reports on discovered vulnerabilities in different formats to help secure the application.
IRJET- Improving Cyber Security using Artificial IntelligenceIRJET Journal
This document discusses using artificial intelligence techniques like machine learning algorithms to improve cyber security. It proposes a methodology that uses Splunk to extract relevant fields from cybersecurity data, feeds that into a K-means clustering algorithm to form attack clusters, then sends those clusters to individual artificial neural networks (ANNs). The aggregated ANN results are then fed into a support vector machine (SVM) which classifies attacks as malicious, non-malicious, or benign. Testing this approach on a dataset achieved a classification accuracy of over 92% when using Splunk, K-means, ANNs, and SVM together.
This is my thesis part of my MTech in Data Analytics. It talks about Malware analysis using static, dymanic and memory analysis techniques. This paper also focuses on implementation algo approach etc in detail.
Using Grammar Extracted from Sample Inputs to Generate Effective Fuzzing FilesCSCJournals
Software testing is an important step in the software development life cycle. It focuses on testing software functionalities, finding vulnerabilities, and assuring the software is executing as expected. Fuzzing is one of the software testing techniques which feeds random input to programs and monitors for abnormal behaviors such as a program crash. One of the limitations of fuzzing is that most of the fuzzers require highly structured input or certain input pattern; otherwise, the fuzz testing may be terminated at the early stage of the program execution because of not meeting the input format requirements. Some fuzzers resolve this problem by manually creating program specific input grammars to help guide fuzzing, which is tedious, error prone, and time consuming. In addition, this solution cannot work efficiently when testing multiple programs which require different input patterns. To solve this problem, a general grammar-based fuzzing technique is proposed and developed in this paper. The new fuzzer can extract grammar from the sample input files of a program, and then generate effective fuzzing files based on the grammar. This fuzzing tool is able to work with different programs by extracting grammar from them automatically and hence generate program specific fuzzing files. The fuzzing tool is fast and can find a crash in a short time. From the experiments, it successfully crashed 79 (out of 235) programs of the DARPA CGC dataset.
Software reusabilitydevelopment through NFL approach For identifying security...IJECEIAES
In component based software reusability development process, the software developers have to choose the best components which are self adaptive future to overcome the functional errors, framework mismatches, violation of user level privacy issues and data leakage feasibilities. The software developers can build high quality software applications by taking the consideration of the reusable components which are more suitable to provide high level data security and privacy. This paper has proposing the neural based fuzzy framework based approach to estimate the reusable components which are directly and indirectly involve the security and privacy to improve the quality of the software system. This approach has considered the twenty effecting factors and fifty three attribute matrices. It has formed with three stages of execution scenarios. The first stage has executed with eleven effecting factors and eighteen attribute matrices for identification of supporting software reusability components, the second stage has executed with four effecting factors and thirty five attribute matrices for identification of subinternal relationships in terms of security-privacy, and the third stage has executed with eight effecting factors and six attribute matrices for identification of sub of sub-internal relationships in terms of security risk estimation. This analytical finding proposes a fuzzy logic model to evaluate the most feasible effecting factors that influence the enterprise level data security-privacy practices at real time environment.
MINING PATTERNS OF SEQUENTIAL MALICIOUS APIS TO DETECT MALWAREIJNSA Journal
In the era of information technology and connected world, detecting malware has been a major security concern for individuals, companies and even for states. The New generation of malware samples upgraded with advanced protection mechanism such as packing, and obfuscation frustrate anti-virus solutions. API call analysis is used to identify suspicious malicious behavior thanks to its description capability of a
software functionality. In this paper, we propose an effective and efficient malware detection method that uses sequential pattern mining algorithm to discover representative and discriminative API call patterns. Then, we apply three machine learning algorithms to classify malware samples. Based on the experimental results, the proposed method assures favorable results with 0.999 F-measure on a dataset including 8152
malware samples belonging to 16 families and 523 benign samples.
MINING PATTERNS OF SEQUENTIAL MALICIOUS APIS TO DETECT MALWAREIJNSA Journal
In the era of information technology and connected world, detecting malware has been a major security concern for individuals, companies and even for states. The New generation of malware samples upgraded with advanced protection mechanism such as packing, and obfuscation frustrate anti-virus solutions. API call analysis is used to identify suspicious malicious behavior thanks to its description capability of a software functionality. In this paper, we propose an effective and efficient malware detection method that uses sequential pattern mining algorithm to discover representative and discriminative API call patterns. Then, we apply three machine learning algorithms to classify malware samples. Based on the experimental results, the proposed method assures favorable results with 0.999 F-measure on a dataset including 8152 malware samples belonging to 16 families and 523 benign samples.
Predicting Software Defects Using Bayesian Network Approachtheijes
Software defects are very predominant especially in large software these days because programmers do not take the pain to properly debug and test their software before releasing them to customers and users. When these software are put into use, the defects manifest themselves especially if they are dormant or inactive at the time the software is being developed. As a result, they do cause errors and eventually failure if not quickly handled thereby causing serious damages in terms of human and material loss. This paper proposed the Bayesian network model for predicting software defects. In the model, certain software inputs are tested to determine the number of defects in them. Therefore, our program which is developed in Java programming language is able to count the number of inputs and outputs using certain parameters and expressions. This is possible when we input query into the network. The program is able to determine that a query has been supplied, the query type, the various events that takes place at each stage of the query determination, the choices made and the probability of defects being found or not being found in the software.
IRJET- Android Malware Detection using Deep LearningIRJET Journal
This document summarizes a research paper that proposes a machine learning model to detect Android malware. It extracts permission data from a large dataset of benign and malicious Android apps. A deep learning model is trained on the permission data to classify unknown apps as benign or malicious. The model achieves 88% accuracy on the test data, which is higher than other techniques. However, it may be vulnerable to encryption techniques used by some malware to evade detection.
VIRTUAL MACHINES DETECTION METHODS USING IP TIMESTAMPS PATTERN CHARACTERISTICijcsit
Virtual machines (VMs) are underlying technologies of IT solutions such as cloud computing. VMs provide
ease of use through their on-demand characteristics and provide huge benefits in terms of lowering costs and
improving scalability. VMs are also being used as malware detection systems, and with the rapidly expanding
usage of mobile devices, besides of their usage as honeypots, VMs are coming to be used as emulators for
detecting malware in apps. This is due to the limited resources, such as processing power, available in mobile
devices. Currently, the security of applications for mobile devices is checked by running them in VM
environments before they are released to the end user. We argue that such a process may cause or overlook
serious security threats to the end user. In particular, if a piece of malware can detect its current running
environment, it may change its behavior such that it doesn’t perform malicious operations in environments it
suspects to be emulators. In this way, when the malware detects that its running environment is on a VM, it
may be able to hide from the security system on the VM. This is a potential security hazard for end users,
especially users of mobile devices. In this paper, we present a VM detection method that we argue could be
used for remotely detecting VM environments. The detection method works by analyzing the pattern of IP
timestamps in replies sent from the target environment. The method does not require any installation of
software on the target machine which further increase its potential harm if it were to be used by malware to
detect VM environments. In this paper, we also present a technique to disguise a real PC machine such that it
shows the similar IP timestamp patterns as the VM. By using this technique, malware may not be able to
differentiate between a real machine and a VM, thus providing protection to PC end users.
COMPARISON OF MALWARE CLASSIFICATION METHODS USING CONVOLUTIONAL NEURAL NETWO...IJNSA Journal
Malicious software is constantly being developed and improved, so detection and classification of malwareis an ever-evolving problem. Since traditional malware detection techniques fail to detect new/unknown malware, machine learning algorithms have been used to overcome this disadvantage. We present a Convolutional Neural Network (CNN) for malware type classification based on the API (Application Program Interface) calls. This research uses a database of 7107 instances of API call streams and 8 different malware types:Adware, Backdoor, Downloader, Dropper, Spyware, Trojan, Virus,Worm. We used a 1-Dimensional CNN by mapping API calls as categorical and term frequency-inverse document frequency (TF-IDF) vectors and compared the results to other classification techniques.The proposed 1-D CNN outperformed other classification techniques with 91% overall accuracy for both categorical and TF-IDF vectors.
Malware Risk Analysis on the Campus Network with Bayesian Belief NetworkIJNSA Journal
This document discusses using a Bayesian Belief Network (BBN) to analyze malware risk on a university campus network. It begins by introducing the campus network monitoring tools and SIR epidemiological model used to model malware propagation. It then provides background on BBN principles, including defining nodes, conditional probabilities, and using the network to compute joint probabilities. The document proposes applying a BBN to assess malware prevalence risk by relating threat, vulnerability, and cost impact on network assets. It aims to provide understandable risk assessments to inform decision making.
IRJET- College Enquiry Chat-Bot using API.AIIRJET Journal
This document describes a college enquiry chatbot developed using API.ai (now known as Dialogflow). The chatbot is an Android application that allows students to get answers to their college-related queries without having to visit the college in person. It analyzes user queries using natural language processing and responds in text and audio format by integrating text-to-speech. The chatbot was built using Dialogflow to match user inputs with predefined intents and return appropriate responses from a database of FAQs. It aims to provide students with a convenient way to stay updated on college activities and information.
A Security Analysis Framework Powered by an Expert SystemCSCJournals
Today\'s IT systems are facing a major challenge in confronting the fast rate of emerging security threats. Although many security tools are being employed within organizations in order to standup to these threats, the information revealed is very inferior in providing a rich understanding to the consequences of the discovered vulnerabilities. We believe expert systems can play an important role in capturing any security expertise from various sources in order to provide the informative deductions we are looking for from the supplied inputs. Throughout this research effort, we have built the Open Security Knowledge Engineered (OpenSKE) framework (http://code.google.com/p/openske), which is a security analysis framework built around an expert system in order to reason over the security information collected from external sources. Our implementation has been published online in order to facilitate and encourage online collaboration to increase the practical research within the field of security analysis.
Optimised malware detection in digital forensicsIJNSA Journal
On the Internet, malware is one of the most serious threats to system security. Most complex issues and
problems on any systems are caused by malware and spam. Networks and systems can be accessed and
compromised by malware known as botnets, which compromise other systems through a coordinated
attack. Such malware uses anti-forensic techniques to avoid detection and investigation. To prevent systems
from the malicious activity of this malware, a new framework is required that aims to develop an optimised
technique for malware detection. Hence, this paper demonstrates new approaches to perform malware
analysis in forensic investigations and discusses how such a framework may be developed.
This document discusses elements that contribute to legacy program complexity. It identifies factors such as difficulty understanding old code, high cost of maintenance and replacement, large size, poor design, integration challenges with new technologies, lack of documentation, inflexibility, long processing times, unavailability of original staff, reliability issues, and bugs. The paper explores each of these elements in detail and argues that legacy programs are complex due to a combination of these interrelated factors such as large size, complex designs with many interconnected parts, and difficulty integrating old code and platforms with new technologies.
A Smart Fuzzing Approach for Integer Overflow DetectionITIIIndustries
Fuzzing is one of the most commonly used methods to detect software vulnerabilities, a major cause of information security incidents. Although it has advantages of simple design and low error report, its efficiency is usually poor. In this paper we present a smart fuzzing approach for integer overflow detection and a tool, SwordFuzzer, which implements this approach. Unlike standard fuzzing techniques, which randomly change parts of the input file with no information about the underlying syntactic structure of the file, SwordFuzzer uses online dynamic taint analysis to identify which bytes in the input file are used in security sensitive operations and then focuses on mutating such bytes. Thus, the generated inputs are more likely to trigger potential vulnerabilities. We evaluated SwordFuzzer with an example program and a number of real-world applications. The experimental results show that SwordFuzzer can accurately locate the key bytes of the input file and dramatically improve the effectiveness of fuzzing in detecting real-world vulnerabilities
Automated server-side model for recognition of security vulnerabilities in sc...IJECEIAES
With the increase of global accessibility of web applications, maintaining a reasonable security level for both user data and server resources has become an extremely challenging issue. Therefore, static code analysis systems can help web developers to reduce time and cost. In this paper, a new static analysis model is proposed. This model is designed to discover the security problems in scripting languages. The proposed model is implemented in a prototype SCAT, which is a static code analysis tool. SCAT applies the phases of the proposed model to catch security vulnerabilities in PHP 5.3. Empirical results attest that the proposed prototype is feasible and is able to contribute to the security of real-world web applications. SCAT managed to detect 94% of security vulnerabilities found in the testing benchmarks; this clearly indicates that the proposed model is able to provide an effective solution to complicated web systems by offering benefits of securing private data for users and maintaining web application stability for web applications providers.
THE METHOD OF DETECTING ONLINE PASSWORD ATTACKS BASED ON HIGH-LEVEL PROTOCOL ...IJCNCJournal
Although there have been many solutions applied, the safety challenges related to the password security mechanism are not reduced. The reason for this is that while the means and tools to support password attacks are becoming more and more abundant, the number of transaction systems through the Internet is increasing, and new services systems appear. For example, IoT also uses password-based authentication.
In this context, consolidating password-based authentication mechanisms is critical, but monitoring measures for timely detection of attacks also play an important role in this battle. The password attack detection solutions being used need to be supplemented and improved to meet the new situation. In this
paper we propose a solution that automatically detects online password attacks in a way that is based solely on the network, using unsupervised learning techniques and protected application orientation. Our solution therefore minimizes dependence on the factors encountered by host-based or supervised learning solutions. The certainty of the solution comes from using the results of in-depth analysis of attack
characteristics to build the detection capacity of the mechanism. The solution was implemented experimentally on the real system and gave positive results.
Resource Allocation for Antivirus Cloud AppliancesIOSR Journals
This document discusses resource allocation for antivirus cloud appliances. It proposes using a search-based optimization approach called the Automatic Cloud Antivirus Configurator (ACAC) to solve the resource allocation problem in cloud-based antivirus deployments. ACAC includes a configuration enumerator that implements a search algorithm to enumerate resource allocations. It also includes a parameter calibration process and an antivirus cost model to estimate the cost of scanning files under different resource allocations. The cost model depends on factors like total file size, code segment size, and embedded files, but no single parameter can reliably predict scanning time on its own.
Ijeee 51-57-preventing sql injection attacks in web applicationKumar Goud
The document discusses preventing SQL injection attacks in web applications. It describes how SQL injection allows attackers to gain unauthorized access to data underlying web applications. The authors propose a new application-specific encoding algorithm based on randomization to detect and prevent SQL injection attacks. This approach imposes low overhead on applications and requires minimal preparation, achieving efficiency through a specialized library that accurately tracks trusted strings at runtime.
This document proposes a Rational Unified Treatment approach for Web Application Vulnerability Assessment (WVA). It implements the Rational Unified Process (RUP) framework to iteratively identify vulnerabilities. The approach discovers assets, audits for risks and threats, exploits identified vulnerabilities, and provides mitigation steps. It was tested on a web application using the w3af security scanner. The results generated reports on discovered vulnerabilities in different formats to help secure the application.
IRJET- Improving Cyber Security using Artificial IntelligenceIRJET Journal
This document discusses using artificial intelligence techniques like machine learning algorithms to improve cyber security. It proposes a methodology that uses Splunk to extract relevant fields from cybersecurity data, feeds that into a K-means clustering algorithm to form attack clusters, then sends those clusters to individual artificial neural networks (ANNs). The aggregated ANN results are then fed into a support vector machine (SVM) which classifies attacks as malicious, non-malicious, or benign. Testing this approach on a dataset achieved a classification accuracy of over 92% when using Splunk, K-means, ANNs, and SVM together.
This is my thesis part of my MTech in Data Analytics. It talks about Malware analysis using static, dymanic and memory analysis techniques. This paper also focuses on implementation algo approach etc in detail.
Using Grammar Extracted from Sample Inputs to Generate Effective Fuzzing FilesCSCJournals
Software testing is an important step in the software development life cycle. It focuses on testing software functionalities, finding vulnerabilities, and assuring the software is executing as expected. Fuzzing is one of the software testing techniques which feeds random input to programs and monitors for abnormal behaviors such as a program crash. One of the limitations of fuzzing is that most of the fuzzers require highly structured input or certain input pattern; otherwise, the fuzz testing may be terminated at the early stage of the program execution because of not meeting the input format requirements. Some fuzzers resolve this problem by manually creating program specific input grammars to help guide fuzzing, which is tedious, error prone, and time consuming. In addition, this solution cannot work efficiently when testing multiple programs which require different input patterns. To solve this problem, a general grammar-based fuzzing technique is proposed and developed in this paper. The new fuzzer can extract grammar from the sample input files of a program, and then generate effective fuzzing files based on the grammar. This fuzzing tool is able to work with different programs by extracting grammar from them automatically and hence generate program specific fuzzing files. The fuzzing tool is fast and can find a crash in a short time. From the experiments, it successfully crashed 79 (out of 235) programs of the DARPA CGC dataset.
Software reusabilitydevelopment through NFL approach For identifying security...IJECEIAES
In component based software reusability development process, the software developers have to choose the best components which are self adaptive future to overcome the functional errors, framework mismatches, violation of user level privacy issues and data leakage feasibilities. The software developers can build high quality software applications by taking the consideration of the reusable components which are more suitable to provide high level data security and privacy. This paper has proposing the neural based fuzzy framework based approach to estimate the reusable components which are directly and indirectly involve the security and privacy to improve the quality of the software system. This approach has considered the twenty effecting factors and fifty three attribute matrices. It has formed with three stages of execution scenarios. The first stage has executed with eleven effecting factors and eighteen attribute matrices for identification of supporting software reusability components, the second stage has executed with four effecting factors and thirty five attribute matrices for identification of subinternal relationships in terms of security-privacy, and the third stage has executed with eight effecting factors and six attribute matrices for identification of sub of sub-internal relationships in terms of security risk estimation. This analytical finding proposes a fuzzy logic model to evaluate the most feasible effecting factors that influence the enterprise level data security-privacy practices at real time environment.
MINING PATTERNS OF SEQUENTIAL MALICIOUS APIS TO DETECT MALWAREIJNSA Journal
In the era of information technology and connected world, detecting malware has been a major security concern for individuals, companies and even for states. The New generation of malware samples upgraded with advanced protection mechanism such as packing, and obfuscation frustrate anti-virus solutions. API call analysis is used to identify suspicious malicious behavior thanks to its description capability of a
software functionality. In this paper, we propose an effective and efficient malware detection method that uses sequential pattern mining algorithm to discover representative and discriminative API call patterns. Then, we apply three machine learning algorithms to classify malware samples. Based on the experimental results, the proposed method assures favorable results with 0.999 F-measure on a dataset including 8152
malware samples belonging to 16 families and 523 benign samples.
MINING PATTERNS OF SEQUENTIAL MALICIOUS APIS TO DETECT MALWAREIJNSA Journal
In the era of information technology and connected world, detecting malware has been a major security concern for individuals, companies and even for states. The New generation of malware samples upgraded with advanced protection mechanism such as packing, and obfuscation frustrate anti-virus solutions. API call analysis is used to identify suspicious malicious behavior thanks to its description capability of a software functionality. In this paper, we propose an effective and efficient malware detection method that uses sequential pattern mining algorithm to discover representative and discriminative API call patterns. Then, we apply three machine learning algorithms to classify malware samples. Based on the experimental results, the proposed method assures favorable results with 0.999 F-measure on a dataset including 8152 malware samples belonging to 16 families and 523 benign samples.
Predicting Software Defects Using Bayesian Network Approachtheijes
Software defects are very predominant especially in large software these days because programmers do not take the pain to properly debug and test their software before releasing them to customers and users. When these software are put into use, the defects manifest themselves especially if they are dormant or inactive at the time the software is being developed. As a result, they do cause errors and eventually failure if not quickly handled thereby causing serious damages in terms of human and material loss. This paper proposed the Bayesian network model for predicting software defects. In the model, certain software inputs are tested to determine the number of defects in them. Therefore, our program which is developed in Java programming language is able to count the number of inputs and outputs using certain parameters and expressions. This is possible when we input query into the network. The program is able to determine that a query has been supplied, the query type, the various events that takes place at each stage of the query determination, the choices made and the probability of defects being found or not being found in the software.
IRJET- Android Malware Detection using Deep LearningIRJET Journal
This document summarizes a research paper that proposes a machine learning model to detect Android malware. It extracts permission data from a large dataset of benign and malicious Android apps. A deep learning model is trained on the permission data to classify unknown apps as benign or malicious. The model achieves 88% accuracy on the test data, which is higher than other techniques. However, it may be vulnerable to encryption techniques used by some malware to evade detection.
VIRTUAL MACHINES DETECTION METHODS USING IP TIMESTAMPS PATTERN CHARACTERISTICijcsit
Virtual machines (VMs) are underlying technologies of IT solutions such as cloud computing. VMs provide
ease of use through their on-demand characteristics and provide huge benefits in terms of lowering costs and
improving scalability. VMs are also being used as malware detection systems, and with the rapidly expanding
usage of mobile devices, besides of their usage as honeypots, VMs are coming to be used as emulators for
detecting malware in apps. This is due to the limited resources, such as processing power, available in mobile
devices. Currently, the security of applications for mobile devices is checked by running them in VM
environments before they are released to the end user. We argue that such a process may cause or overlook
serious security threats to the end user. In particular, if a piece of malware can detect its current running
environment, it may change its behavior such that it doesn’t perform malicious operations in environments it
suspects to be emulators. In this way, when the malware detects that its running environment is on a VM, it
may be able to hide from the security system on the VM. This is a potential security hazard for end users,
especially users of mobile devices. In this paper, we present a VM detection method that we argue could be
used for remotely detecting VM environments. The detection method works by analyzing the pattern of IP
timestamps in replies sent from the target environment. The method does not require any installation of
software on the target machine which further increase its potential harm if it were to be used by malware to
detect VM environments. In this paper, we also present a technique to disguise a real PC machine such that it
shows the similar IP timestamp patterns as the VM. By using this technique, malware may not be able to
differentiate between a real machine and a VM, thus providing protection to PC end users.
COMPARISON OF MALWARE CLASSIFICATION METHODS USING CONVOLUTIONAL NEURAL NETWO...IJNSA Journal
Malicious software is constantly being developed and improved, so detection and classification of malwareis an ever-evolving problem. Since traditional malware detection techniques fail to detect new/unknown malware, machine learning algorithms have been used to overcome this disadvantage. We present a Convolutional Neural Network (CNN) for malware type classification based on the API (Application Program Interface) calls. This research uses a database of 7107 instances of API call streams and 8 different malware types:Adware, Backdoor, Downloader, Dropper, Spyware, Trojan, Virus,Worm. We used a 1-Dimensional CNN by mapping API calls as categorical and term frequency-inverse document frequency (TF-IDF) vectors and compared the results to other classification techniques.The proposed 1-D CNN outperformed other classification techniques with 91% overall accuracy for both categorical and TF-IDF vectors.
Malware Risk Analysis on the Campus Network with Bayesian Belief NetworkIJNSA Journal
This document discusses using a Bayesian Belief Network (BBN) to analyze malware risk on a university campus network. It begins by introducing the campus network monitoring tools and SIR epidemiological model used to model malware propagation. It then provides background on BBN principles, including defining nodes, conditional probabilities, and using the network to compute joint probabilities. The document proposes applying a BBN to assess malware prevalence risk by relating threat, vulnerability, and cost impact on network assets. It aims to provide understandable risk assessments to inform decision making.
IRJET- College Enquiry Chat-Bot using API.AIIRJET Journal
This document describes a college enquiry chatbot developed using API.ai (now known as Dialogflow). The chatbot is an Android application that allows students to get answers to their college-related queries without having to visit the college in person. It analyzes user queries using natural language processing and responds in text and audio format by integrating text-to-speech. The chatbot was built using Dialogflow to match user inputs with predefined intents and return appropriate responses from a database of FAQs. It aims to provide students with a convenient way to stay updated on college activities and information.
A Security Analysis Framework Powered by an Expert SystemCSCJournals
Today\'s IT systems are facing a major challenge in confronting the fast rate of emerging security threats. Although many security tools are being employed within organizations in order to standup to these threats, the information revealed is very inferior in providing a rich understanding to the consequences of the discovered vulnerabilities. We believe expert systems can play an important role in capturing any security expertise from various sources in order to provide the informative deductions we are looking for from the supplied inputs. Throughout this research effort, we have built the Open Security Knowledge Engineered (OpenSKE) framework (http://code.google.com/p/openske), which is a security analysis framework built around an expert system in order to reason over the security information collected from external sources. Our implementation has been published online in order to facilitate and encourage online collaboration to increase the practical research within the field of security analysis.
Optimised malware detection in digital forensicsIJNSA Journal
On the Internet, malware is one of the most serious threats to system security. Most complex issues and
problems on any systems are caused by malware and spam. Networks and systems can be accessed and
compromised by malware known as botnets, which compromise other systems through a coordinated
attack. Such malware uses anti-forensic techniques to avoid detection and investigation. To prevent systems
from the malicious activity of this malware, a new framework is required that aims to develop an optimised
technique for malware detection. Hence, this paper demonstrates new approaches to perform malware
analysis in forensic investigations and discusses how such a framework may be developed.
This document discusses elements that contribute to legacy program complexity. It identifies factors such as difficulty understanding old code, high cost of maintenance and replacement, large size, poor design, integration challenges with new technologies, lack of documentation, inflexibility, long processing times, unavailability of original staff, reliability issues, and bugs. The paper explores each of these elements in detail and argues that legacy programs are complex due to a combination of these interrelated factors such as large size, complex designs with many interconnected parts, and difficulty integrating old code and platforms with new technologies.
A Smart Fuzzing Approach for Integer Overflow DetectionITIIIndustries
Fuzzing is one of the most commonly used methods to detect software vulnerabilities, a major cause of information security incidents. Although it has advantages of simple design and low error report, its efficiency is usually poor. In this paper we present a smart fuzzing approach for integer overflow detection and a tool, SwordFuzzer, which implements this approach. Unlike standard fuzzing techniques, which randomly change parts of the input file with no information about the underlying syntactic structure of the file, SwordFuzzer uses online dynamic taint analysis to identify which bytes in the input file are used in security sensitive operations and then focuses on mutating such bytes. Thus, the generated inputs are more likely to trigger potential vulnerabilities. We evaluated SwordFuzzer with an example program and a number of real-world applications. The experimental results show that SwordFuzzer can accurately locate the key bytes of the input file and dramatically improve the effectiveness of fuzzing in detecting real-world vulnerabilities
Automated server-side model for recognition of security vulnerabilities in sc...IJECEIAES
With the increase of global accessibility of web applications, maintaining a reasonable security level for both user data and server resources has become an extremely challenging issue. Therefore, static code analysis systems can help web developers to reduce time and cost. In this paper, a new static analysis model is proposed. This model is designed to discover the security problems in scripting languages. The proposed model is implemented in a prototype SCAT, which is a static code analysis tool. SCAT applies the phases of the proposed model to catch security vulnerabilities in PHP 5.3. Empirical results attest that the proposed prototype is feasible and is able to contribute to the security of real-world web applications. SCAT managed to detect 94% of security vulnerabilities found in the testing benchmarks; this clearly indicates that the proposed model is able to provide an effective solution to complicated web systems by offering benefits of securing private data for users and maintaining web application stability for web applications providers.
THE METHOD OF DETECTING ONLINE PASSWORD ATTACKS BASED ON HIGH-LEVEL PROTOCOL ...IJCNCJournal
Although there have been many solutions applied, the safety challenges related to the password security mechanism are not reduced. The reason for this is that while the means and tools to support password attacks are becoming more and more abundant, the number of transaction systems through the Internet is increasing, and new services systems appear. For example, IoT also uses password-based authentication.
In this context, consolidating password-based authentication mechanisms is critical, but monitoring measures for timely detection of attacks also play an important role in this battle. The password attack detection solutions being used need to be supplemented and improved to meet the new situation. In this
paper we propose a solution that automatically detects online password attacks in a way that is based solely on the network, using unsupervised learning techniques and protected application orientation. Our solution therefore minimizes dependence on the factors encountered by host-based or supervised learning solutions. The certainty of the solution comes from using the results of in-depth analysis of attack
characteristics to build the detection capacity of the mechanism. The solution was implemented experimentally on the real system and gave positive results.
This document summarizes a survey of cloud-based secure web applications. It begins with an introduction to cloud computing and the security risks of web applications. It then presents two tables: 1) a comparison of related work on web application security that analyzes the attacks, algorithms, languages, models, studies, and test cases used; and 2) a comparison of Python to PHP and Ruby programming languages in terms of their version, purpose, creator, influences, popular sites built with each, usability, and ease of learning. The document concludes that there is a need for solutions that allow users to securely test websites for vulnerabilities in the cloud.
IRJET- Windows Log Investigator System for Faster Root Cause Detection of a D...IRJET Journal
This document describes a Windows Log Investigator System that was created to help developers more easily detect the root cause of defects. The system uses a log analysis algorithm and backtracking to determine the type of defect and possible solutions. It has a graphical user interface built with C# and WPF to provide an interactive experience for analyzing logs. The system aims to significantly reduce the difficulties faced by developers in solving defects.
1) The document discusses a proposed Vulnerability Management System (VMS) to identify and manage software vulnerabilities.
2) It provides an overview of vulnerability management and discusses related work that has been done in vulnerability databases and tracking systems.
3) The proposed VMS would use morphological inspection and static analysis to assess vulnerabilities, store information in a database, and rank vulnerabilities based on severity. It would consist of a vulnerability scanner, process control platform, and data storage.
This document describes a proposed vulnerability management system (VMS) that aims to automate the process of scanning software applications to identify vulnerabilities. The proposed system uses a hybrid algorithm approach that incorporates features from existing vulnerability detection tools and algorithms. The algorithm involves five main phases: inspection, scanning, attack detection, analysis, and reporting. The algorithm is intended to increase the accuracy of vulnerability detection compared to existing systems. The proposed VMS system and hybrid algorithm were tested using various vulnerability scanning tools on virtual machines, and results demonstrated that the VMS could automate the vulnerability assessment process and generate reports on detected vulnerabilities with severity levels. The main limitation is that scans using the VMS may take more time than some existing tools.
buffer overflow occurs when a program or process attempts to write more data to a fixed length block of memory, or buffer, than the buffer is allocated to hold. ... Exploiting a buffer overflow allows an attacker to control or crash the process or to modify its internal variables
This document proposes algorithms for distributing malware signatures across mobile devices to optimize detection and recovery from infections. It describes a greedy algorithm that selects signatures to maximize a "system welfare" metric accounting for individual device utilities. It also describes an encounter-based distributed algorithm where devices exchange signatures opportunistically. Simulation results show the distributed algorithm approaches the performance of the greedy algorithm over time under different mobility models. The goal is to minimize the number of infected devices by optimally distributing signatures across a network of helpers considering device and malware heterogeneity.
This document discusses 6 different thesis abstracts on topics related to IT security:
1) The design and implementation of an environment to support security assessment method development. This includes a database solution to assist developers.
2) A risk analysis of an RFID system used for logistics that identifies vehicles. The analysis examines the RFID communication and database transmission security and risks.
3) Key topics for a database security course, including technologies, access control, vulnerabilities, privacy, and secure database models.
4) A case-based reasoning approach to understand constraints in information models written in EXPRESS, representing constraints at a higher level of abstraction.
5) The benefits of a consolidated network security solution over point
IRJET- Zombie - Venomous File: Analysis using Legitimate Signature for Securi...IRJET Journal
The document discusses a proposed method for detecting viruses and malware that evade existing antivirus software. It uses a combination of analyzing files with VirusTotal's database of known threats and applying natural language processing techniques like suffix trees and TF-IDF to identify malicious patterns in files. An evaluation shows the proposed method can detect viruses that existing antivirus and VirusTotal miss, achieving a 97% accuracy rate in testing.
ER Publication,
IJETR, IJMCTR,
Journals,
International Journals,
High Impact Journals,
Monthly Journal,
Good quality Journals,
Research,
Research Papers,
Research Article,
Free Journals, Open access Journals,
erpublication.org,
Engineering Journal,
Science Journals,
Web Application Testing for Today’s Biggest and Emerging ThreatsAlan Kan
The document discusses emerging threats to web applications and strategies for testing applications to identify vulnerabilities. It finds that nearly half of all vulnerabilities are in web applications, with cross-site scripting and SQL injection being most common. Many vulnerabilities have no patches available yet. New attack types like client-side vulnerabilities are also emerging. The document advocates integrating security testing into the development process to help developers write more secure code and find issues early.
This summarizes a research paper about standardizing source code security audits. The paper proposes assembling literature on security audit techniques to promote standard methodology. It then presents a case study analyzing vulnerabilities in the Apache Traffic Server using two proprietary tools. The study examines potential issues, connects them to a standard taxonomy (CWE), and describes consequences of exploits. The paper concludes by reviewing other security case studies.
Online java compiler with security editorIRJET Journal
This document describes an online Java compiler with a security editor. The system allows users to write, compile, and debug Java programs online without needing to install a Java development kit locally. The system also includes a security editor that can encrypt and decrypt files using the MD5 algorithm. The goals of the project are to make Java programming more accessible and provide security for files. It uses a client-server architecture where the server runs the Java compiler and encryption/decryption and the client can access these features through a web interface.
This document discusses buffer overflow attacks and defenses against them. It begins with an introduction to buffer overflows, explaining that they occur when more data is written to a buffer than it was allocated to hold. Two main types of buffer overflow attacks are then described: data buffer overflows, which overwrite existing data, and executable buffer overflows, also known as stack smashing attacks, which overwrite return addresses or function pointers to hijack program control flow. The document then surveys various defensive techniques, including secure coding practices, non-executable stacks, array bounds checking (via compilers or hardware mechanisms), and address space layout randomization. It evaluates the effectiveness of these defenses against different types of attacks.
This document describes a web vulnerability scanner created by students at D.Y.Patil College of Engineering. The scanner focuses on detecting and preventing common web vulnerabilities like SQL injection, cross-site scripting, file inclusions, and OS command injection. It was developed using the waterfall model, with phases for requirements gathering, system design including UML diagrams, and implementation. The motivation was that cyber attacks cost the global economy over $400 billion annually, so an automatic tool is needed to identify vulnerabilities in web applications.
Routine Detection Of Web Application Defence FlawsIJTET Journal
Abstract— The detection process for security vulnerabilities in ASP.NET websites / web applications is a complex one, most of the code is written by somebody else and there is no documentation to determine the purpose of source code. The characteristic of source code defects generates major web application vulnerabilities. The typical software faults that are behind of web application vulnerabilities, taking into different programming languages. To analyze their ability to prevent security vulnerabilities ASP.NET which is part of .NET framework that separate the HTML code from the programming code in two files, aspx file and another for the programming code. It depends on the compiled language (Visual Basic VB, C sharp C#, Java Script). Visual Basic and C# are the most common languages using with ASP.NET files, and these two compiled languages are in the construction of our proposed algorithm in addition to aspx files. The hacker can inject his malicious as a input or script that can destroy the database or steal website files. By using scanning tool the fault detection process can be done. The scanning process inspects three types of files (aspx, VB and C#). then the software faults are identified. By using fault recovery process the prepared replacement statement technique is used to detect the vulnerabilities and recover it with high efficiency and it provides suggestion then the report is generated then it will help to improve the overall security of the system.
10. sig free a signature free buffer overflow attack blockerakila_mano
SigFree is a signature-free method for blocking buffer overflow attacks targeting internet services. It works by detecting the presence of executable code in messages, which legitimate requests do not contain. SigFree analyzes messages using a novel "code abstraction" technique to distill possible instruction sequences and prune non-code data using data flow analysis. It then determines if instruction sequences exceed thresholds for the number of useful instructions or dependence degree to identify code. Experimental tests showed SigFree could block over 750 known attacks with few false positives and negligible latency for normal requests.
Similar to An automated approach to fix buffer overflows (20)
Redefining brain tumor segmentation: a cutting-edge convolutional neural netw...IJECEIAES
Medical image analysis has witnessed significant advancements with deep learning techniques. In the domain of brain tumor segmentation, the ability to
precisely delineate tumor boundaries from magnetic resonance imaging (MRI)
scans holds profound implications for diagnosis. This study presents an ensemble convolutional neural network (CNN) with transfer learning, integrating
the state-of-the-art Deeplabv3+ architecture with the ResNet18 backbone. The
model is rigorously trained and evaluated, exhibiting remarkable performance
metrics, including an impressive global accuracy of 99.286%, a high-class accuracy of 82.191%, a mean intersection over union (IoU) of 79.900%, a weighted
IoU of 98.620%, and a Boundary F1 (BF) score of 83.303%. Notably, a detailed comparative analysis with existing methods showcases the superiority of
our proposed model. These findings underscore the model’s competence in precise brain tumor localization, underscoring its potential to revolutionize medical
image analysis and enhance healthcare outcomes. This research paves the way
for future exploration and optimization of advanced CNN models in medical
imaging, emphasizing addressing false positives and resource efficiency.
Embedded machine learning-based road conditions and driving behavior monitoringIJECEIAES
Car accident rates have increased in recent years, resulting in losses in human lives, properties, and other financial costs. An embedded machine learning-based system is developed to address this critical issue. The system can monitor road conditions, detect driving patterns, and identify aggressive driving behaviors. The system is based on neural networks trained on a comprehensive dataset of driving events, driving styles, and road conditions. The system effectively detects potential risks and helps mitigate the frequency and impact of accidents. The primary goal is to ensure the safety of drivers and vehicles. Collecting data involved gathering information on three key road events: normal street and normal drive, speed bumps, circular yellow speed bumps, and three aggressive driving actions: sudden start, sudden stop, and sudden entry. The gathered data is processed and analyzed using a machine learning system designed for limited power and memory devices. The developed system resulted in 91.9% accuracy, 93.6% precision, and 92% recall. The achieved inference time on an Arduino Nano 33 BLE Sense with a 32-bit CPU running at 64 MHz is 34 ms and requires 2.6 kB peak RAM and 139.9 kB program flash memory, making it suitable for resource-constrained embedded systems.
Advanced control scheme of doubly fed induction generator for wind turbine us...IJECEIAES
This paper describes a speed control device for generating electrical energy on an electricity network based on the doubly fed induction generator (DFIG) used for wind power conversion systems. At first, a double-fed induction generator model was constructed. A control law is formulated to govern the flow of energy between the stator of a DFIG and the energy network using three types of controllers: proportional integral (PI), sliding mode controller (SMC) and second order sliding mode controller (SOSMC). Their different results in terms of power reference tracking, reaction to unexpected speed fluctuations, sensitivity to perturbations, and resilience against machine parameter alterations are compared. MATLAB/Simulink was used to conduct the simulations for the preceding study. Multiple simulations have shown very satisfying results, and the investigations demonstrate the efficacy and power-enhancing capabilities of the suggested control system.
Neural network optimizer of proportional-integral-differential controller par...IJECEIAES
Wide application of proportional-integral-differential (PID)-regulator in industry requires constant improvement of methods of its parameters adjustment. The paper deals with the issues of optimization of PID-regulator parameters with the use of neural network technology methods. A methodology for choosing the architecture (structure) of neural network optimizer is proposed, which consists in determining the number of layers, the number of neurons in each layer, as well as the form and type of activation function. Algorithms of neural network training based on the application of the method of minimizing the mismatch between the regulated value and the target value are developed. The method of back propagation of gradients is proposed to select the optimal training rate of neurons of the neural network. The neural network optimizer, which is a superstructure of the linear PID controller, allows increasing the regulation accuracy from 0.23 to 0.09, thus reducing the power consumption from 65% to 53%. The results of the conducted experiments allow us to conclude that the created neural superstructure may well become a prototype of an automatic voltage regulator (AVR)-type industrial controller for tuning the parameters of the PID controller.
An improved modulation technique suitable for a three level flying capacitor ...IJECEIAES
This research paper introduces an innovative modulation technique for controlling a 3-level flying capacitor multilevel inverter (FCMLI), aiming to streamline the modulation process in contrast to conventional methods. The proposed
simplified modulation technique paves the way for more straightforward and
efficient control of multilevel inverters, enabling their widespread adoption and
integration into modern power electronic systems. Through the amalgamation of
sinusoidal pulse width modulation (SPWM) with a high-frequency square wave
pulse, this controlling technique attains energy equilibrium across the coupling
capacitor. The modulation scheme incorporates a simplified switching pattern
and a decreased count of voltage references, thereby simplifying the control
algorithm.
A review on features and methods of potential fishing zoneIJECEIAES
This review focuses on the importance of identifying potential fishing zones in seawater for sustainable fishing practices. It explores features like sea surface temperature (SST) and sea surface height (SSH), along with classification methods such as classifiers. The features like SST, SSH, and different classifiers used to classify the data, have been figured out in this review study. This study underscores the importance of examining potential fishing zones using advanced analytical techniques. It thoroughly explores the methodologies employed by researchers, covering both past and current approaches. The examination centers on data characteristics and the application of classification algorithms for classification of potential fishing zones. Furthermore, the prediction of potential fishing zones relies significantly on the effectiveness of classification algorithms. Previous research has assessed the performance of models like support vector machines, naïve Bayes, and artificial neural networks (ANN). In the previous result, the results of support vector machine (SVM) were 97.6% more accurate than naive Bayes's 94.2% to classify test data for fisheries classification. By considering the recent works in this area, several recommendations for future works are presented to further improve the performance of the potential fishing zone models, which is important to the fisheries community.
Electrical signal interference minimization using appropriate core material f...IJECEIAES
As demand for smaller, quicker, and more powerful devices rises, Moore's law is strictly followed. The industry has worked hard to make little devices that boost productivity. The goal is to optimize device density. Scientists are reducing connection delays to improve circuit performance. This helped them understand three-dimensional integrated circuit (3D IC) concepts, which stack active devices and create vertical connections to diminish latency and lower interconnects. Electrical involvement is a big worry with 3D integrates circuits. Researchers have developed and tested through silicon via (TSV) and substrates to decrease electrical wave involvement. This study illustrates a novel noise coupling reduction method using several electrical involvement models. A 22% drop in electrical involvement from wave-carrying to victim TSVs introduces this new paradigm and improves system performance even at higher THz frequencies.
Electric vehicle and photovoltaic advanced roles in enhancing the financial p...IJECEIAES
Climate change's impact on the planet forced the United Nations and governments to promote green energies and electric transportation. The deployments of photovoltaic (PV) and electric vehicle (EV) systems gained stronger momentum due to their numerous advantages over fossil fuel types. The advantages go beyond sustainability to reach financial support and stability. The work in this paper introduces the hybrid system between PV and EV to support industrial and commercial plants. This paper covers the theoretical framework of the proposed hybrid system including the required equation to complete the cost analysis when PV and EV are present. In addition, the proposed design diagram which sets the priorities and requirements of the system is presented. The proposed approach allows setup to advance their power stability, especially during power outages. The presented information supports researchers and plant owners to complete the necessary analysis while promoting the deployment of clean energy. The result of a case study that represents a dairy milk farmer supports the theoretical works and highlights its advanced benefits to existing plants. The short return on investment of the proposed approach supports the paper's novelty approach for the sustainable electrical system. In addition, the proposed system allows for an isolated power setup without the need for a transmission line which enhances the safety of the electrical network
Bibliometric analysis highlighting the role of women in addressing climate ch...IJECEIAES
Fossil fuel consumption increased quickly, contributing to climate change
that is evident in unusual flooding and draughts, and global warming. Over
the past ten years, women's involvement in society has grown dramatically,
and they succeeded in playing a noticeable role in reducing climate change.
A bibliometric analysis of data from the last ten years has been carried out to
examine the role of women in addressing the climate change. The analysis's
findings discussed the relevant to the sustainable development goals (SDGs),
particularly SDG 7 and SDG 13. The results considered contributions made
by women in the various sectors while taking geographic dispersion into
account. The bibliometric analysis delves into topics including women's
leadership in environmental groups, their involvement in policymaking, their
contributions to sustainable development projects, and the influence of
gender diversity on attempts to mitigate climate change. This study's results
highlight how women have influenced policies and actions related to climate
change, point out areas of research deficiency and recommendations on how
to increase role of the women in addressing the climate change and
achieving sustainability. To achieve more successful results, this initiative
aims to highlight the significance of gender equality and encourage
inclusivity in climate change decision-making processes.
Voltage and frequency control of microgrid in presence of micro-turbine inter...IJECEIAES
The active and reactive load changes have a significant impact on voltage
and frequency. In this paper, in order to stabilize the microgrid (MG) against
load variations in islanding mode, the active and reactive power of all
distributed generators (DGs), including energy storage (battery), diesel
generator, and micro-turbine, are controlled. The micro-turbine generator is
connected to MG through a three-phase to three-phase matrix converter, and
the droop control method is applied for controlling the voltage and
frequency of MG. In addition, a method is introduced for voltage and
frequency control of micro-turbines in the transition state from gridconnected mode to islanding mode. A novel switching strategy of the matrix
converter is used for converting the high-frequency output voltage of the
micro-turbine to the grid-side frequency of the utility system. Moreover,
using the switching strategy, the low-order harmonics in the output current
and voltage are not produced, and consequently, the size of the output filter
would be reduced. In fact, the suggested control strategy is load-independent
and has no frequency conversion restrictions. The proposed approach for
voltage and frequency regulation demonstrates exceptional performance and
favorable response across various load alteration scenarios. The suggested
strategy is examined in several scenarios in the MG test systems, and the
simulation results are addressed.
Enhancing battery system identification: nonlinear autoregressive modeling fo...IJECEIAES
Precisely characterizing Li-ion batteries is essential for optimizing their
performance, enhancing safety, and prolonging their lifespan across various
applications, such as electric vehicles and renewable energy systems. This
article introduces an innovative nonlinear methodology for system
identification of a Li-ion battery, employing a nonlinear autoregressive with
exogenous inputs (NARX) model. The proposed approach integrates the
benefits of nonlinear modeling with the adaptability of the NARX structure,
facilitating a more comprehensive representation of the intricate
electrochemical processes within the battery. Experimental data collected
from a Li-ion battery operating under diverse scenarios are employed to
validate the effectiveness of the proposed methodology. The identified
NARX model exhibits superior accuracy in predicting the battery's behavior
compared to traditional linear models. This study underscores the
importance of accounting for nonlinearities in battery modeling, providing
insights into the intricate relationships between state-of-charge, voltage, and
current under dynamic conditions.
Smart grid deployment: from a bibliometric analysis to a surveyIJECEIAES
Smart grids are one of the last decades' innovations in electrical energy.
They bring relevant advantages compared to the traditional grid and
significant interest from the research community. Assessing the field's
evolution is essential to propose guidelines for facing new and future smart
grid challenges. In addition, knowing the main technologies involved in the
deployment of smart grids (SGs) is important to highlight possible
shortcomings that can be mitigated by developing new tools. This paper
contributes to the research trends mentioned above by focusing on two
objectives. First, a bibliometric analysis is presented to give an overview of
the current research level about smart grid deployment. Second, a survey of
the main technological approaches used for smart grid implementation and
their contributions are highlighted. To that effect, we searched the Web of
Science (WoS), and the Scopus databases. We obtained 5,663 documents
from WoS and 7,215 from Scopus on smart grid implementation or
deployment. With the extraction limitation in the Scopus database, 5,872 of
the 7,215 documents were extracted using a multi-step process. These two
datasets have been analyzed using a bibliometric tool called bibliometrix.
The main outputs are presented with some recommendations for future
research.
Use of analytical hierarchy process for selecting and prioritizing islanding ...IJECEIAES
One of the problems that are associated to power systems is islanding
condition, which must be rapidly and properly detected to prevent any
negative consequences on the system's protection, stability, and security.
This paper offers a thorough overview of several islanding detection
strategies, which are divided into two categories: classic approaches,
including local and remote approaches, and modern techniques, including
techniques based on signal processing and computational intelligence.
Additionally, each approach is compared and assessed based on several
factors, including implementation costs, non-detected zones, declining
power quality, and response times using the analytical hierarchy process
(AHP). The multi-criteria decision-making analysis shows that the overall
weight of passive methods (24.7%), active methods (7.8%), hybrid methods
(5.6%), remote methods (14.5%), signal processing-based methods (26.6%),
and computational intelligent-based methods (20.8%) based on the
comparison of all criteria together. Thus, it can be seen from the total weight
that hybrid approaches are the least suitable to be chosen, while signal
processing-based methods are the most appropriate islanding detection
method to be selected and implemented in power system with respect to the
aforementioned factors. Using Expert Choice software, the proposed
hierarchy model is studied and examined.
Enhancing of single-stage grid-connected photovoltaic system using fuzzy logi...IJECEIAES
The power generated by photovoltaic (PV) systems is influenced by
environmental factors. This variability hampers the control and utilization of
solar cells' peak output. In this study, a single-stage grid-connected PV
system is designed to enhance power quality. Our approach employs fuzzy
logic in the direct power control (DPC) of a three-phase voltage source
inverter (VSI), enabling seamless integration of the PV connected to the
grid. Additionally, a fuzzy logic-based maximum power point tracking
(MPPT) controller is adopted, which outperforms traditional methods like
incremental conductance (INC) in enhancing solar cell efficiency and
minimizing the response time. Moreover, the inverter's real-time active and
reactive power is directly managed to achieve a unity power factor (UPF).
The system's performance is assessed through MATLAB/Simulink
implementation, showing marked improvement over conventional methods,
particularly in steady-state and varying weather conditions. For solar
irradiances of 500 and 1,000 W/m2
, the results show that the proposed
method reduces the total harmonic distortion (THD) of the injected current
to the grid by approximately 46% and 38% compared to conventional
methods, respectively. Furthermore, we compare the simulation results with
IEEE standards to evaluate the system's grid compatibility.
Enhancing photovoltaic system maximum power point tracking with fuzzy logic-b...IJECEIAES
Photovoltaic systems have emerged as a promising energy resource that
caters to the future needs of society, owing to their renewable, inexhaustible,
and cost-free nature. The power output of these systems relies on solar cell
radiation and temperature. In order to mitigate the dependence on
atmospheric conditions and enhance power tracking, a conventional
approach has been improved by integrating various methods. To optimize
the generation of electricity from solar systems, the maximum power point
tracking (MPPT) technique is employed. To overcome limitations such as
steady-state voltage oscillations and improve transient response, two
traditional MPPT methods, namely fuzzy logic controller (FLC) and perturb
and observe (P&O), have been modified. This research paper aims to
simulate and validate the step size of the proposed modified P&O and FLC
techniques within the MPPT algorithm using MATLAB/Simulink for
efficient power tracking in photovoltaic systems.
Adaptive synchronous sliding control for a robot manipulator based on neural ...IJECEIAES
Robot manipulators have become important equipment in production lines, medical fields, and transportation. Improving the quality of trajectory tracking for
robot hands is always an attractive topic in the research community. This is a
challenging problem because robot manipulators are complex nonlinear systems
and are often subject to fluctuations in loads and external disturbances. This
article proposes an adaptive synchronous sliding control scheme to improve trajectory tracking performance for a robot manipulator. The proposed controller
ensures that the positions of the joints track the desired trajectory, synchronize
the errors, and significantly reduces chattering. First, the synchronous tracking
errors and synchronous sliding surfaces are presented. Second, the synchronous
tracking error dynamics are determined. Third, a robust adaptive control law is
designed,the unknown components of the model are estimated online by the neural network, and the parameters of the switching elements are selected by fuzzy
logic. The built algorithm ensures that the tracking and approximation errors
are ultimately uniformly bounded (UUB). Finally, the effectiveness of the constructed algorithm is demonstrated through simulation and experimental results.
Simulation and experimental results show that the proposed controller is effective with small synchronous tracking errors, and the chattering phenomenon is
significantly reduced.
Remote field-programmable gate array laboratory for signal acquisition and de...IJECEIAES
A remote laboratory utilizing field-programmable gate array (FPGA) technologies enhances students’ learning experience anywhere and anytime in embedded system design. Existing remote laboratories prioritize hardware access and visual feedback for observing board behavior after programming, neglecting comprehensive debugging tools to resolve errors that require internal signal acquisition. This paper proposes a novel remote embeddedsystem design approach targeting FPGA technologies that are fully interactive via a web-based platform. Our solution provides FPGA board access and debugging capabilities beyond the visual feedback provided by existing remote laboratories. We implemented a lab module that allows users to seamlessly incorporate into their FPGA design. The module minimizes hardware resource utilization while enabling the acquisition of a large number of data samples from the signal during the experiments by adaptively compressing the signal prior to data transmission. The results demonstrate an average compression ratio of 2.90 across three benchmark signals, indicating efficient signal acquisition and effective debugging and analysis. This method allows users to acquire more data samples than conventional methods. The proposed lab allows students to remotely test and debug their designs, bridging the gap between theory and practice in embedded system design.
Detecting and resolving feature envy through automated machine learning and m...IJECEIAES
Efficiently identifying and resolving code smells enhances software project quality. This paper presents a novel solution, utilizing automated machine learning (AutoML) techniques, to detect code smells and apply move method refactoring. By evaluating code metrics before and after refactoring, we assessed its impact on coupling, complexity, and cohesion. Key contributions of this research include a unique dataset for code smell classification and the development of models using AutoGluon for optimal performance. Furthermore, the study identifies the top 20 influential features in classifying feature envy, a well-known code smell, stemming from excessive reliance on external classes. We also explored how move method refactoring addresses feature envy, revealing reduced coupling and complexity, and improved cohesion, ultimately enhancing code quality. In summary, this research offers an empirical, data-driven approach, integrating AutoML and move method refactoring to optimize software project quality. Insights gained shed light on the benefits of refactoring on code quality and the significance of specific features in detecting feature envy. Future research can expand to explore additional refactoring techniques and a broader range of code metrics, advancing software engineering practices and standards.
Smart monitoring technique for solar cell systems using internet of things ba...IJECEIAES
Rapidly and remotely monitoring and receiving the solar cell systems status parameters, solar irradiance, temperature, and humidity, are critical issues in enhancement their efficiency. Hence, in the present article an improved smart prototype of internet of things (IoT) technique based on embedded system through NodeMCU ESP8266 (ESP-12E) was carried out experimentally. Three different regions at Egypt; Luxor, Cairo, and El-Beheira cities were chosen to study their solar irradiance profile, temperature, and humidity by the proposed IoT system. The monitoring data of solar irradiance, temperature, and humidity were live visualized directly by Ubidots through hypertext transfer protocol (HTTP) protocol. The measured solar power radiation in Luxor, Cairo, and El-Beheira ranged between 216-1000, 245-958, and 187-692 W/m 2 respectively during the solar day. The accuracy and rapidity of obtaining monitoring results using the proposed IoT system made it a strong candidate for application in monitoring solar cell systems. On the other hand, the obtained solar power radiation results of the three considered regions strongly candidate Luxor and Cairo as suitable places to build up a solar cells system station rather than El-Beheira.
An efficient security framework for intrusion detection and prevention in int...IJECEIAES
Over the past few years, the internet of things (IoT) has advanced to connect billions of smart devices to improve quality of life. However, anomalies or malicious intrusions pose several security loopholes, leading to performance degradation and threat to data security in IoT operations. Thereby, IoT security systems must keep an eye on and restrict unwanted events from occurring in the IoT network. Recently, various technical solutions based on machine learning (ML) models have been derived towards identifying and restricting unwanted events in IoT. However, most ML-based approaches are prone to miss-classification due to inappropriate feature selection. Additionally, most ML approaches applied to intrusion detection and prevention consider supervised learning, which requires a large amount of labeled data to be trained. Consequently, such complex datasets are impossible to source in a large network like IoT. To address this problem, this proposed study introduces an efficient learning mechanism to strengthen the IoT security aspects. The proposed algorithm incorporates supervised and unsupervised approaches to improve the learning models for intrusion detection and mitigation. Compared with the related works, the experimental outcome shows that the model performs well in a benchmark dataset. It accomplishes an improved detection accuracy of approximately 99.21%.
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...shadow0702a
This document serves as a comprehensive step-by-step guide on how to effectively use PyCharm for remote debugging of the Windows Subsystem for Linux (WSL) on a local Windows machine. It meticulously outlines several critical steps in the process, starting with the crucial task of enabling permissions, followed by the installation and configuration of WSL.
The guide then proceeds to explain how to set up the SSH service within the WSL environment, an integral part of the process. Alongside this, it also provides detailed instructions on how to modify the inbound rules of the Windows firewall to facilitate the process, ensuring that there are no connectivity issues that could potentially hinder the debugging process.
The document further emphasizes on the importance of checking the connection between the Windows and WSL environments, providing instructions on how to ensure that the connection is optimal and ready for remote debugging.
It also offers an in-depth guide on how to configure the WSL interpreter and files within the PyCharm environment. This is essential for ensuring that the debugging process is set up correctly and that the program can be run effectively within the WSL terminal.
Additionally, the document provides guidance on how to set up breakpoints for debugging, a fundamental aspect of the debugging process which allows the developer to stop the execution of their code at certain points and inspect their program at those stages.
Finally, the document concludes by providing a link to a reference blog. This blog offers additional information and guidance on configuring the remote Python interpreter in PyCharm, providing the reader with a well-rounded understanding of the process.
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024Sinan KOZAK
Sinan from the Delivery Hero mobile infrastructure engineering team shares a deep dive into performance acceleration with Gradle build cache optimizations. Sinan shares their journey into solving complex build-cache problems that affect Gradle builds. By understanding the challenges and solutions found in our journey, we aim to demonstrate the possibilities for faster builds. The case study reveals how overlapping outputs and cache misconfigurations led to significant increases in build times, especially as the project scaled up with numerous modules using Paparazzi tests. The journey from diagnosing to defeating cache issues offers invaluable lessons on maintaining cache integrity without sacrificing functionality.
Null Bangalore | Pentesters Approach to AWS IAMDivyanshu
#Abstract:
- Learn more about the real-world methods for auditing AWS IAM (Identity and Access Management) as a pentester. So let us proceed with a brief discussion of IAM as well as some typical misconfigurations and their potential exploits in order to reinforce the understanding of IAM security best practices.
- Gain actionable insights into AWS IAM policies and roles, using hands on approach.
#Prerequisites:
- Basic understanding of AWS services and architecture
- Familiarity with cloud security concepts
- Experience using the AWS Management Console or AWS CLI.
- For hands on lab create account on [killercoda.com](https://killercoda.com/cloudsecurity-scenario/)
# Scenario Covered:
- Basics of IAM in AWS
- Implementing IAM Policies with Least Privilege to Manage S3 Bucket
- Objective: Create an S3 bucket with least privilege IAM policy and validate access.
- Steps:
- Create S3 bucket.
- Attach least privilege policy to IAM user.
- Validate access.
- Exploiting IAM PassRole Misconfiguration
-Allows a user to pass a specific IAM role to an AWS service (ec2), typically used for service access delegation. Then exploit PassRole Misconfiguration granting unauthorized access to sensitive resources.
- Objective: Demonstrate how a PassRole misconfiguration can grant unauthorized access.
- Steps:
- Allow user to pass IAM role to EC2.
- Exploit misconfiguration for unauthorized access.
- Access sensitive resources.
- Exploiting IAM AssumeRole Misconfiguration with Overly Permissive Role
- An overly permissive IAM role configuration can lead to privilege escalation by creating a role with administrative privileges and allow a user to assume this role.
- Objective: Show how overly permissive IAM roles can lead to privilege escalation.
- Steps:
- Create role with administrative privileges.
- Allow user to assume the role.
- Perform administrative actions.
- Differentiation between PassRole vs AssumeRole
Try at [killercoda.com](https://killercoda.com/cloudsecurity-scenario/)
Rainfall intensity duration frequency curve statistical analysis and modeling...bijceesjournal
Using data from 41 years in Patna’ India’ the study’s goal is to analyze the trends of how often it rains on a weekly, seasonal, and annual basis (1981−2020). First, utilizing the intensity-duration-frequency (IDF) curve and the relationship by statistically analyzing rainfall’ the historical rainfall data set for Patna’ India’ during a 41 year period (1981−2020), was evaluated for its quality. Changes in the hydrologic cycle as a result of increased greenhouse gas emissions are expected to induce variations in the intensity, length, and frequency of precipitation events. One strategy to lessen vulnerability is to quantify probable changes and adapt to them. Techniques such as log-normal, normal, and Gumbel are used (EV-I). Distributions were created with durations of 1, 2, 3, 6, and 24 h and return times of 2, 5, 10, 25, and 100 years. There were also mathematical correlations discovered between rainfall and recurrence interval.
Findings: Based on findings, the Gumbel approach produced the highest intensity values, whereas the other approaches produced values that were close to each other. The data indicates that 461.9 mm of rain fell during the monsoon season’s 301st week. However, it was found that the 29th week had the greatest average rainfall, 92.6 mm. With 952.6 mm on average, the monsoon season saw the highest rainfall. Calculations revealed that the yearly rainfall averaged 1171.1 mm. Using Weibull’s method, the study was subsequently expanded to examine rainfall distribution at different recurrence intervals of 2, 5, 10, and 25 years. Rainfall and recurrence interval mathematical correlations were also developed. Further regression analysis revealed that short wave irrigation, wind direction, wind speed, pressure, relative humidity, and temperature all had a substantial influence on rainfall.
Originality and value: The results of the rainfall IDF curves can provide useful information to policymakers in making appropriate decisions in managing and minimizing floods in the study area.
Design and optimization of ion propulsion dronebjmsejournal
Electric propulsion technology is widely used in many kinds of vehicles in recent years, and aircrafts are no exception. Technically, UAVs are electrically propelled but tend to produce a significant amount of noise and vibrations. Ion propulsion technology for drones is a potential solution to this problem. Ion propulsion technology is proven to be feasible in the earth’s atmosphere. The study presented in this article shows the design of EHD thrusters and power supply for ion propulsion drones along with performance optimization of high-voltage power supply for endurance in earth’s atmosphere.
artificial intelligence and data science contents.pptxGauravCar
What is artificial intelligence? Artificial intelligence is the ability of a computer or computer-controlled robot to perform tasks that are commonly associated with the intellectual processes characteristic of humans, such as the ability to reason.
› ...
Artificial intelligence (AI) | Definitio
Software Engineering and Project Management - Introduction, Modeling Concepts...Prakhyath Rai
Introduction, Modeling Concepts and Class Modeling: What is Object orientation? What is OO development? OO Themes; Evidence for usefulness of OO development; OO modeling history. Modeling
as Design technique: Modeling, abstraction, The Three models. Class Modeling: Object and Class Concept, Link and associations concepts, Generalization and Inheritance, A sample class model, Navigation of class models, and UML diagrams
Building the Analysis Models: Requirement Analysis, Analysis Model Approaches, Data modeling Concepts, Object Oriented Analysis, Scenario-Based Modeling, Flow-Oriented Modeling, class Based Modeling, Creating a Behavioral Model.
2. ISSN: 2088-8708
Int J Elec & Comp Eng, Vol. 10, No. 4, August 2020 : 3777 - 3787
3778
vulnerabilities. A simple error during software development can lead to huge financial losses. Recent
research shows that cybercriminals are finding new ways to attack small and large organizations. Kaspersky,
a security company reported that a group of cybercriminals intruded more than 100 banks causing a financial
loss of more than $1 Billion. As machine learning processes a huge amount of data, hackers target machine
learning causing cyberattacks. DDoS attacks are used in IoT based devices by making the whole system
down. Physical infrastructure such as media channels, telecommunication networks, hospitals is also
the victim of cyberattacks because of low-level security.
According to a Gartner Group report, 70% of the vulnerabilities are found in software applications.
For the last 25 years i.e. 1998-2012, Buffer Overflow was the most occurring vulnerability. According to
CVE results from 1988-1998, a buffer overflow was declared as the vulnerability of the decade [3]. Common
Vulnerabilities and Exposures was launched by MITRE in 1999. It provides a list of identifiers for known
software security vulnerabilities. CVE data is synchronized with NVD which immediately updates
information regarding fixing vulnerabilities, severity score and impact rating in CVE entries. CVE details
provide information about vulnerabilities by their type and their severity level. This information varies year
over year. Statistics of buffer overflow reported in CVE are shown in Figure 1, it is obvious that there has
been an increase in reported buffer overflow vulnerabilities in recent years.
Figure 1. Statistics of buffer overflow in CVE
A Recommender System [4-6], was proposed to achieve higher software security by giving training
to software developers. This system uses public vulnerability repository such as CWE, which suggests
mitigation strategies for different vulnerabilities. Static analysis techniques were used to search out
the vulnerabilities in legacy code. Further, the mapping algorithm was used which mapped the mitigation
strategies with the vulnerabilities found. The rest of this paper is organized as follows. Section 2 discusses
the background; section 3 discusses the research methodology; section 4 discusses experiments and results,
and section 5 gives conclusion and future work.
2. BACKGROUND
Buffer overflow attack [7, 8, 9] can occur if a large amount of data is inserted into a fixed-length
buffer than it can occupy and crashes the system by overwriting extra information to an adjacent memory
space. Programs written in unmanaged programming languages are usually susceptible as these languages do
not have built-in protection against this vulnerability [10]. An attacker takes advantage of this overflow by
inserting malicious code into the memory. Different types of buffer overflow along with their existing
mitigation strategies are shown in Table 1.
Table 1. Different types of buffer overflows and their mitigation strategies
Types of Buffer Overflows Proposed Mitigation Strategies
Stack-Based Buffer Overflow Add boundary check
Heap-Based Buffer Overflow Add malloc check
Format-String Buffer Overflow API substitution
Integer-Based Buffer Overflow Use LONG LONG INT
Unicode Buffer Overflow Proposed solution doesn’t exist
3. Int J Elec & Comp Eng ISSN: 2088-8708
An automated approach to fix buffer overflows (Aamir Shahab)
3779
Stack-Based Buffer Overflow occurs when a string is copied from source buffer to a destination
buffer using strcpy function. While copying, strcpy function does not check the size of the destination buffer
which may lead to a buffer overflow attack. Vulnerable and healed source code for stack-based buffer
overflow is shown in Figure 2, in which array declared as src[] having a size of 12 bytes while the array
declared as dest[] having a size of 10 bytes. Instead of the smaller size of the destination array, strcpy
function copies the source string to the destination string.
(a)
(b)
Figure 2. Vulnerable and healed code for stack-based buffer overflow, (a) Replacing “strcpy” with “strncpy”,
(b) Using “if-else” check
Stack-based buffer overflow can be fixed by adding boundary checks. This strategy makes decisions
by checking the size of the source buffer and then comparing it with the destination buffer. In healed code,
‘strncpy’ function was used instead of ‘strcpy’. The difference between the ‘strcpy’ and ‘strncpy’ function is
that the strncpy function checks the size of the destination buffer and copy only those bytes till the size of
the destination buffer.
Stack-based buffer overflow vulnerability detection technique was proposed in binary codes [11].
Different buffers were scanned to find out the risk functions. Against these risky functions, a function library
is established. Finally, vulnerability is detected by comparing the buffer size which is used with the buffer
size already declared. The proposed approach only detects the stack overflow vulnerability whereas our
approach first detects and then fixes the vulnerability.
Heap-Based Buffer Overflow. Static memory allocation is used to declare an array of desired space.
e.g. In case, we have declared an array to store data for 10 students and if the number of students is changed,
then the allocated memory may not fulfill our requirements. To save this memory loss, malloc function was
introduced to allocate memory dynamically. An if-else check will be used to check whether a pointer has
allocated memory or not?
A smart fuzzing method was used to detect heap-based buffer overflow [12, 13]. Based on concolic
execution, this technique detects vulnerabilities more accurately. Addresses of the dynamically allocated
memory chunks were stored in a memory table. The memory table is updated upon the allocation and
deallocation of these memory chunks. This vulnerability table is then used to create vulnerability constraints.
Android-based smart devices are the victims of attackers by inserting malicious code and steal
useful information.
Format-String Buffer Overflow occurs by the combination of data and control information. Text
strings are sometimes automatically converted to larger formats. sprintf is used to input the formatted string
into a character array similarly as ’printf’ is used to write the string into the console. Vulnerable and healed
code for format-string buffer overflow are shown in Figure 3(a). While writing the formatted string to
the character array, sprintf doesn’t check for the overflow. snprintf is used that checks the length of the buffer
4. ISSN: 2088-8708
Int J Elec & Comp Eng, Vol. 10, No. 4, August 2020 : 3777 - 3787
3780
and copies a determined number of bytes including the null terminator at the end. An if-else check is added
which after checking the condition copies the buffer.
Many approaches such as runtime, testing, and static analysis approaches have been proposed but
none of them can distinguish all types of format string vulnerability [14, 15]. The analysis approach finds out
the format string functions. Usually, the format string functions are printf, fprintf, sprintf, etc. This approach
only detects the vulnerability, however, it reduces the number of false positive.
Integer-Based Buffer Overflow occurs when after performing some operation whose value may
exceed the maximum or minimum range. e.g. If we add, 100 +200, the result will exceed 8 bits. Integer-based
buffer overflow can be fixed by changing the data type from INT which is 32 bit long to LONG LONG INT
which is 64 bit long. Vulnerable code for integer-based buffer overflow are shown in Figure 3 (a), whereas
the healed code is shown in Figure 3(b).
(a)
(b)
Figure 3. Vulnerable and healed code for format-string and integer-based buffer overflow,
(a) Replacing “sprintf” with “snprintf”, (b) Replacing “INT” with “LONG LONG INT”
The static analysis approach was used for the detection of integer-based buffer overflow by finding
sensitive code locations [16]. The static phase performs Control Flow Graph recovery and Call Graph
recovery. Once found, an automated POC was generated to fix the vulnerability. This approach was more
accurate and doesn’t give any false positive and false negative. IntPatch [17] fixes integer overflow in C/C++
source code at compile time. This approach identifies the un-secure arithmetic operations and fixing
statement is inserted after each vulnerable arithmetic operation. A novel approach using symbolic execution
was proposed for fixing integer overflow vulnerability in source code [18]. After detecting a vulnerability,
a repair pattern was generated which patches the source code. Code refactoring is performed which checks
whether the vulnerability is removed or still exists. If a vulnerability exists still there, a message unrepaired
integer overflow is generated. This approach was more efficient than manual repair, however, it works only
for integer type vulnerability. Unicode Buffer Overflow occurs by injecting Unicode characters into an input
that expects ASCII characters. Since ASCII code covers only Western language characters while Unicode
can create a character for almost all languages.
Ranges for Unicode characters in different languages are given below:
- English Alphabets (0041-005A, 0061-007A)
- Greek Characters (0370-03FF)
- Mathematical Operators (2200-22FF)
- Arabic Characters (0600-06FF)
If we want to print Alpha Sign having code “nx03B1” in normal mode, we will get a garbage value.
Vulnerable and healed code are shown in a listing below. To remove unicode buffer overflow, set
the program in Unicode mode and replace cout, printf with wcout, wprintf respectively, the vulnerable and
healed code is shown in Figure 4.
5. Int J Elec & Comp Eng ISSN: 2088-8708
An automated approach to fix buffer overflows (Aamir Shahab)
3781
Figure 4. Replacing ‘printf’ with ‘wprintf’
2.1. Public vulnerability repository
Public software vulnerability repository, Common Weakness, and Enumeration (CWE) hold useful
articles about security vulnerabilities and their mitigation strategies. MITRE, launched a CVE list containing
a distribution of software weaknesses in 1999. CWE provides a standard list of software vulnerabilities that
can be helpful for software developers as well as to large government and private organizations as
a knowledge base for these security flaws. These software weaknesses are categorized into three main
concepts.
- Research Concepts
- Development Concepts
- Architecture Concepts
These CWE mitigation studies along with existing research studies are combined for developing
a prototype tool. This tool detects the vulnerable modules and then fix them as a healed code. Different types
of buffer overflow and suggested CWE mitigation strategies are shown in Table 2.
Table 2. Buffer overflow types and CWE mitigation strategies
Types of Buffer Overflows CWE Mitigation Strategies
Stack-Based Buffer Overflow Use safer, equivalent functions which check for boundary errors
Heap-Based Buffer Overflow Perform bounds checking on inputs
Format-String Buffer Overflow Avoid using functions like ”printf”
Integer-Based Buffer Overflow Use safe packages such as SafeInt(C++) or IntegerLib(C or C++)
Unicode Buffer Overflow Use the principle of least privilege
3. EXISTING AUTOMATED APPROACHES
Buffer overflow, a base for many other vulnerabilities. If buffer overflow is handled, more than 50%
of the attacks could become ineffective. Vulnerable files were located using tool implementation [19].
Firstly, an application is run under normal condition and a record of the stack trace is made. In the next step,
an application with an overflow attack is run again. Results of both the stack traces are compared whether
they are similar or different? By tracing the vulnerable path, a vulnerability is removed in an application.
However, this tool only works for locating “strcpy” function. Shaw et al. [20] proposed that the legacy C
source code can be transformed using program transformation. Safe Library Replacement and Safe Type
Replacement were used to heal the vulnerable C language codes. SLR replaces unsafe functions such as
strcpy with g strlcpy, memcpy with memcpy s, gets with fgets or gets s, etc. in Linux systems. STR replaces
all character pointers with safe data structures i.e., “stralloc” pointers.
The static analysis approach is used for finding buffer overflow vulnerability using tools such as
Fortify, Splint, and Checkmarx [21]. Various manual approaches were used for fixing buffer overflow
vulnerability. These approaches then guided for the automated fixing of buffer overflow vulnerability.
According to [22], web applications were statically analyzed and categorized into dodgy code vulnerabilities,
malicious code vulnerabilities, and security code vulnerabilities. These kinds of vulnerabilities are inserted
because of developers’ bad programming practices. FindBugs plugin was used to detect vulnerabilities in
Java web applications. It references the vulnerabilities to OWASP top 10 and CWE. A secure development
framework was developed that should restrict the developers from using bad programming practices.
BovInspector, an automated tool, fixes buffer overflow vulnerability in C programs. The tool checks
the buffer overflow warning path in a program. These warnings are then validated using symbolic execution.
BovInspector fixes these warnings using boundary checks, safer API’s and by extending the buffer size [23].
A software self-healing framework was proposed for the detection and fixing of software security
vulnerabilities as shown in Figure 1. Suggested mitigation strategies from CWE were transformed into
standardized rules for developing a code transformation module. This module replaced vulnerable code with
a healed code. Cross-site scripting or XSS vulnerability was fixed using this prototype. This approach then
6. ISSN: 2088-8708
Int J Elec & Comp Eng, Vol. 10, No. 4, August 2020 : 3777 - 3787
3782
guided for fixing buffer overflows automatically without human intervention [24]. A combination of both
static and dynamic analysis techniques was used for the detection of buffer overflow in binary files [25].
The location of the vulnerability can be found by static analysis and then these vulnerabilities are tested by
dynamic analysis to remove false positives. This technique works by converting the binary files into
assembly language and then apply both static and dynamic techniques to find the overflow points. Results
showed that various overflow functions such as strcpy, strcat and sprintf should be changed by more secure
functions such as strncpy, strncat and snprintf respectively. However, our approach uses only static analysis
for fixing buffer overflows. An integrated framework [26], was developed to find vulnerabilities in web
applications using static analysis approach. The framework is shown in Figure 5. This helps programmers to
produce secure code before software development.
Figure 5. Software self-healing framework [23]
3.1. Proposed automated approach
In our proposed approach, different modules are discussed separately. Table 2 holds useful articles
for fixing different types of buffer overflow vulnerabilities. In this work, source code is analyzed using static
analysis tool and vulnerable modules are found. Mitigation strategies from public vulnerability repository are
transformed into standardized rules. These rules are then used by the source code healing module which
transforms vulnerable source code into healed code. If a mitigation strategy against any vulnerability does not
exist, then the public vulnerability repository is updated manually. The source code healing module
transforms these manual solutions into automated standardized rules resulting in a modified code as shown in
Figure 2. Our research comprises of the following research questions.
- RQ1. How can the mitigation strategies in CWE articles for fixing different types of buffer overflow be
used to automatically heal the vulnerable source code?
- RQ2. Does the automated approach, in RQ1, compromise the accuracy of the resultant source code?
4. RESEARCH METHODOLOGY
Static analysis is used to analyze source code. Both static and dynamic analysis techniques can be
used for finding the buffer overflow vulnerability. However, static analysis shows better results because static
analysis checks the vulnerabilities before software deployment. The drawback of this technique is that it
results in a high number of false positives. Our proposed system uses mitigation strategies for fixing different
types of buffer overflows. These mitigation strategies along with existing research strategies are used to
develop a prototype. The solution to fix Unicode buffer overflow was updated manually in a public
vulnerability repository. Source code is run through this prototype which replaced vulnerable lines of code
with secure lines. A modified version of the self-healing framework is shown in Figure 6.
7. Int J Elec & Comp Eng ISSN: 2088-8708
An automated approach to fix buffer overflows (Aamir Shahab)
3783
Figure 6. Modified version of software self-healing framework
4.1. Static analysis tool
KIUWAN a static analysis tool scans the source code and measures its quality. Its trial version is
free and can be accessible on demand. It references the vulnerabilities defined by OWASP and public
vulnerability repositories i.e. CWE. It uses the Code Quality Model for evaluating software characteristics.
Some indicators of KIUWAN are shown in Table 3.
Table 3. Summary of kiuwan indicators
Indicator Description
Security Repudiate unauthorized users to get access
Reliability Maintains a specified level of performance
Efficiency Provides performance relative to available resource
Maintainability Adaptable to changing requirements and functional specification
Portability Portability lies in code complexity
Risk Index Measure how much your code is vulnerable?
Global Indicator Calculates the weighted average of the characteristics of the application
Defects Shows how much rules are violated
4.2. Static analysis tool
KIUWAN is a static analysis tool that scans the source code and measures its quality. Its trial
version is free and can be accessible on demand. It references the vulnerabilities defined by OWASP and
public vulnerability repositories i.e. CWE. It uses the Code Quality Model for evaluating software
characteristics. Some indicators of KIUWAN are shown in Table 3.
The methodology of our proposed approach is carried by making the static analysis of vulnerable
source code using the KIUWAN static analysis tool. Source code for different types of buffer overflow
vulnerability is scanned individually. Results after scanning a source code showed different types of
vulnerabilities. These vulnerabilities are further categorized as:
- Vulnerabilities by type
- Vulnerabilities by language
- Vulnerabilities by priority
Among vulnerabilities by type, we selected vulnerabilities related to buffer overflow and among
languages C++ was selected. This scanned source code is run through the source code healing module.
This module is developed using regular expressions. These regular expressions search for a specific function
in source code and the attributes declared with that function were found. Functions such as strcpy, sprintf,
etc. were replaced with securer functions like strncpy and snprintf respectively by using regular expressions.
Existing research studies for fixing different types of buffer overflow vulnerability along with the CWE
mitigation strategies are combined together as a part of this module. The source code healing module
8. ISSN: 2088-8708
Int J Elec & Comp Eng, Vol. 10, No. 4, August 2020 : 3777 - 3787
3784
replaces vulnerable source code with healed code. Healed code obtained as a result of the source code healing
module is then scanned using the same static analysis tool.The methodology used to heal the various types of
buffer overflow vulnerabilities is shown in Figure 7. Accuracy of an automated approach will be measured
by checking to what extent these vulnerabilities are removed in a healed code. Matrices such as risk index,
global indicator, and defects were also compared.
Figure 7. Methodology
5. EXPERIMENTS AND RESULTS
KIUWAN a static analyzer tool was used to detect vulnerabilities in source codes. The experimental
setup is shown in Figure 8. Open-source codes for different types of buffer overflow vulnerabilities were
scanned individually. A prototype using CWE mitigation strategies to fix different types of buffer overflow
vulnerabilities was developed. These codes were passed through a prototype that replaced vulnerable source
code with healed code. Healed code was analyzed using the KIUWAN tool. As a result, vulnerabilities are
removed. Vulnerable and healed code for stack-based buffer overflow based on the guidelines in CWE121-
master are shown in Figure 9.
Vulnerable and healed code for a heap-based buffer overflow is shown in Figure 10. The sample
source code can be found at LPT-ArrMinHeap-LeftistTree-Point. Results against different types of buffer
overflow vulnerability are shown in Table 4, it is obvious from the results that the proposed prototype tool
was able to fix various types of buffer overflow errors in the target source code.
Figure 8. Experimental setup
9. Int J Elec & Comp Eng ISSN: 2088-8708
An automated approach to fix buffer overflows (Aamir Shahab)
3785
Figure 9. Fixing stack-based buffer overflow
Figure 10. Fixing heap-based buffer overflow
Table 4. Results: different types of buffer overflows
Buffer overflow type Target Source Code No. of identified vulnerabilities
Before healing
the source code
After healing the source code
Stack-Based Buffer Overflow CWE121-master 18 16
Heap-Based Buffer Overflow LPT-ArrMinHeap-LeftistTree-Point 19 5
Format-String Buffer Overflow Pablodroca/CppUnicodeTests 11 9
Integer-Based Buffer Overflow CWE190-BigInt-master 11 2
Unicode Buffer Overflow Test-UNICODE-SYMBOLSr 24 20
Summary 83 52
It can be observed that 31 buffer overflow errors of various types were fixed. Vulnerable and healed
code for a format-string buffer overflow is shown in Figure 11. The sample source code can be found at
Pablodroca/CppUnicodeTests. Vulnerable and healed code for integer-based buffer overflow based on
the guidelines in CWE 190 is shown in Figure 12. The sample source code can be found at BigInt-master.
Vulnerable and healed code for Unicode buffer overflow can be found in Figure 13. The sample source code
can be found at Test-UNICODE-SYMBOLS.
Figure 11. Fixing format-string buffer overflow
Figure 12. Fixing integer-based buffer overflow Figure 13. Fixing unicode-based buffer overflow
10. ISSN: 2088-8708
Int J Elec & Comp Eng, Vol. 10, No. 4, August 2020 : 3777 - 3787
3786
6. CONCLUSION AND FUTURE WORK
In this study, we found that buffer overflow, one of the growing vulnerabilities both in small and
largescale software development industries. Manually fixing the vulnerability is a time-consuming task and
may induce programming errors. An automated approach was proposed to overcome this problem.
A prototype was developed which automatically fixes the buffer overflow vulnerability. Static analysis tool
KIUWAN was used for the detection of the vulnerability. Regular expressions were used to replace
vulnerable source code with healed code. Results obtained from the resultant source code were more accurate
and efficient than the manual fixing of buffer overflow vulnerability. The scope of our study can be extended
by focusing on other vulnerabilities such as SQL injection attack, broken access control, etc. Since we have
used the CWE vulnerability repository, other public vulnerability repositories can be used as a knowledge
base. Experimental results showed that the source code healing module alleviated vulnerabilities against
every type of buffer overflow. But, integer-based buffer overflow occupies more memory as INT data type is
replaced with LONG LONG INT. In the future, the identified drawback of this study can be minimized.
REFERENCES
[1] A. Agrawal, M. Alenezi, R. Kumar, and R. A. Khan, “A source code perspective framework to produce secure web
applications,” Computer Fraud & Security, vol. 2019, no. 10, pp. 11–18, 2019.
[2] H. Ashraf, M. Alenezi, M. Nadeem, and Y. Javid, “Security assessment framework for educational erp systems,”
International Journal of Electrical and Computer Engineering (IJECE), vol. 9, no. 6, pp. 5570–5585, 2019.
[3] C. Cowan, F. Wagle, C. Pu, S. Beattie, and J. Walpole, “Buffer overflows: Attacks and defenses for
the Vulnerability of the decade,” in Proceedings DARPA Information Survivability Conference and Exposition,
DISCEX’00, IEEE, vol. 2, pp. 119-129, 2000.
[4] M. Nadeem, E. B. Allen, and B. J. Williams, “A method for recommending computer-security training for software
developers: Leveraging the power of static analysis techniques and vulnerability repositories,” in 2015 12th
International Conference on Information Technology-New Generations. IEEE, pp. 534–539, 2015.
[5] M. Nadeem, B.J. Williams, G.L. Bradshaw, and E.B. Allen, “Human subject evaluation of computersecurity
training recommender,” in IEEE 40th Annual Computer Software and Applications Conference (COMPSAC),
vol. 1, pp. 251–256, 2016.
[6] V. Raghavan and X. Zhang, “An integrative model of managing software security during information systems
development,” Journal of International Technology and Information Management, vol. 26, no. 4, pp. 83-109, 2017.
[7] S. Nashimoto, et al., “Intrusion prevention system inspired immune systems,” Indonesian Journal of Electrical
Engineering and Computer Science (IJEECS), vol. 2, no. 1, pp. 168–179, 2016.
[8] S. Nashimoto, et al., “Buffer overflow attack with multiple fault injection and a proven countermeasure,” Journal
of Cryptographic Engineering, vol. 7, no. 1, pp. 35–46, 2017.
[9] J. Ren, Z. Zheng, Q. Liu, Z. Wei, and H. Yan, “A buffer overflow prediction approach based on software metrics
and machine learning,” Security and Communication Networks, vol. 2019, 2019.
[10] N. McKelvey, “Developing a secure programming module to cope with modern vulnerabilities,” International
Journal of Information and Network Security, vol. 1, no. 1, paper. 41, 2012.
[11] W. Xie, J. Hu, P. K. Kudjo, L. Yu, and Z. Zeng, “A new detection method for stack overflow vulnerability based on
component binary code for third-party component,” in 2018 IEEE SmartWorld, Ubiquitous Intelligence &
Computing, Advanced & Trusted Computing, Scalable Computing & Communications, Cloud & Big Data
Computing, Internet of People and Smart City Innovation. IEEE, pp. 1255–1259, 2018.
[12] M. Mouzarani, B. Sadeghiyan, and M. Zolfaghari, “A smart fuzzing method for detecting heap-based buffer
overflow in executable codes,” in 2015 IEEE 21st Pacific Rim International Symposium on Dependable Computing
(PRDC), IEEE, pp. 42–49, 2015.
[13] M. Mouzarani, B. Sadeghiyan, and M. Zolfaghari, “Smart fuzzing method for detecting stack-based buffer
overflow in binary codes,” IET Software, vol. 10, no. 4, pp. 96–107, 2016.
[14] W. Han, M. Ren, S. Tian, L. Ding, and Y. He, “Static analysis of format string vulnerabilities,” in 2011 First ACIS
International Symposium on Software and Network Engineering. IEEE, pp. 122–127, 2011.
[15] M. J. Khalsan and M. O. Agyeman, “An overview of prevention/mitigation against memory corruption attack,”
in Proceedings of the 2nd International Symposium on Computer Science and Intelligent Control, ACM,
paper. 42, 2018.
[16] B. Zhang, C. Feng, B. Wu, and C. Tang, “Detecting integer overflow in windows binary executables based on
symbolic execution,” in 2016 17th IEEE/ACIS International Conference on Software Engineering, Artificial
Intelligence, Networking and Parallel/Distributed Computing (SNPD), IEEE, pp. 385–390, 2016.
[17] C. Zhang, et al., “Intpatch: Automatically fix integer-overflow-tobuffer- overflow vulnerability at compile-time,”
in European Symposium on Research in Computer Security. Springer, pp. 71–86, 2010.
[18] P. Muntean, M. Monperrus, H. Sun, J. Grossklags, and C. Eckert, “Intrepair: Informed fixing of integer overflows,”
arXiv preprint arXiv: 1807.05092, 2018.
[19] A. Iyer and L. M. Liebrock, “Vulnerability scanning for buffer overflow,” in International Conference on
Information Technology: Coding and Computing, 2004. Proceedings, ITCC 2004, vol. 2, pp. 116–117, 2004.
[20] A. Shaw, D. Doggett, and M. Hafiz, “Automatically fixing c buffer overflows using program transformations,” in
2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 124–135, 2014.
11. Int J Elec & Comp Eng ISSN: 2088-8708
An automated approach to fix buffer overflows (Aamir Shahab)
3787
[21] T. Ye, L. Zhang, L. Wang, and X. Li, “An empirical study on detecting and fixing buffer overflow bugs,” in 2016
IEEE International Conference on Software Testing, Verification and Validation (ICST), IEEE, pp. 91–101, 2016
[22] M. Alenezi and Y. Javed, “Open source web application security: A static analysis approach,” in 2016 International
Conference on Engineering & MIS (ICEMIS), IEEE, pp. 1–5, 2016.
[23] F. Gao, L. Wang, X. Li, “Bovinspector: automatic inspection and repair of buffer overflow vulnerabilities,” in 2016
31st IEEE/ACM International Conference on Automated Software Engineering (ASE), IEEE, pp. 786–791, 2016.
[24] A. Ur, R. Jaffar, M. Nadeem, M. Alenezi, and Y. Javed, “Using public vulnerabilities data to self-heal security
issues in software systems,” ICIC Express Letters, vol. 13, pp. 557–567, 2019.
[25] J. Yuan and S. Ding, “A method for detecting buffer overflow vulnerabilities,” in 2011 IEEE 3rd International
Conference on Communication Software and Networks, pp. 188–192, 2011.
[26] M. Alenezi and Y. Javed, “Developer companion: A framework to produce secure web applications,” International
Journal of Computer Science and Information Security, vol. 14, pp. 12–16, 2016.
BIOGRAPHIES OF AUTHORS
Aamir Shahab holds a graduate degree in Computer Engineering from BUITEMS, Quetta (2019).
He obtained an undergraduate degree in Computer Engineering from Bahauddin Zakariya
University, Multan, Pakistan (2016). He is currently pursuing his Ph.D. program in Computer
Engineering with an emphasis on cybersecurity. He is serving as a visiting faculty member at
BUITEMS, Quetta. His researches are in the field of software security. He is affiliated with IEEE as
a student member. Besides, he is interested in Cyber Security research and training.
Mamdouh Alenezi is currently the Dean of Educational Services at Prince Sultan University.
Alenezi received his MS and Ph.D. degrees from DePaul University and North Dakota State
University in 2011 and 2014, respectively. Alenezi has published several journals and conference
papers about software security. He has extensive experience in data mining and machine learning
where he applied several data mining techniques to solve several Software Engineering problems.
He conducted several research areas and development of predictive models using machine learning
to predict fault-prone classes, comprehend source code, and predict the appropriate developer to be
assigned to a newly reported bug.
Muhammad Nadeem holds a doctorate degree in Computer Science from Mississippi State
University, United States. His field of specialization is Software Engineering with a specific focus
on Software Security. He is Fulbright alumnus and has been honored with Best University Teacher
Award byes and has also served as member organizing committee for IEEE ICE Cube Conference.
His skills include software development, automated static code analysis, vulnerability identification,
and mitigation of vulnerabilities based on industry best practices. He has been leading an in-house
software development teams in public sector organizations. He has also been rendering consultancy
services in the implementation of Oracle and PeopleSoft products in different public sector
organizations. He has presented his research on software security in several international ACM and
IEEE conferences in the United States. He is a professional member of IEEE and ACM. He is also
a reviewer for two international conferencnizations. He has also rendered services in academia,
including teaching in the United States, and has held different administrative positions.
Raja Asif Wagan was born in Jamshoro, Sindh Province, Pakistan in 1983. He received his
bachelor’s degree in computer science in 2005 from the University of Sindh, Pakistan. Furthermore,
he received his Masters of Information Technology from Universiti Utara Malaysia. Now he is
pursuing his Ph.D. in information and communication engineering at Harbin Engineering University,
Harbin, China. His research interests concentrate on routing protocols, wireless sensor networks, and
computer networks.