Visible to the public Biblio

Found 548 results

Filters: Keyword is Software  [Clear All Filters]
2022-08-12
Aslanyan, Hayk, Arutunian, Mariam, Keropyan, Grigor, Kurmangaleev, Shamil, Vardanyan, Vahagn.  2020.  BinSide : Static Analysis Framework for Defects Detection in Binary Code. 2020 Ivannikov Memorial Workshop (IVMEM). :3–8.
Software developers make mistakes that can lead to failures of a software product. One approach to detect defects is static analysis: examine code without execution. Currently, various source code static analysis tools are widely used to detect defects. However, source code analysis is not enough. The reason for this is the use of third-party binary libraries, the unprovability of the correctness of all compiler optimizations. This paper introduces BinSide : binary static analysis framework for defects detection. It does interprocedural, context-sensitive and flow-sensitive analysis. The framework uses platform independent intermediate representation and provide opportunity to analyze various architectures binaries. The framework includes value analysis, reaching definition, taint analysis, freed memory analysis, constant folding, and constant propagation engines. It provides API (application programming interface) and can be used to develop new analyzers. Additionally, we used the API to develop checkers for classic buffer overflow, format string, command injection, double free and use after free defects detection.
2022-08-04
Boubakri, Marouene, Chiatante, Fausto, Zouari, Belhassen.  2021.  Towards a firmware TPM on RISC-V. 2021 Design, Automation & Test in Europe Conference & Exhibition (DATE). :647—650.
To develop the next generation of Internet of Things, Edge devices and systems which leverage progress in enabling technologies such as 5G, distributed computing and artificial intelligence (AI), several requirements need to be developed and put in place to make the devices smarter. A major requirement for all the above applications is the long-term security and trust computing infrastructure. Trusted Computing requires the introduction inside of the platform of a Trusted Platform Module (TPM). Traditionally, a TPM was a discrete and dedicated module plugged into the platform to give TPM capabilities. Recently, processors manufacturers started integrating trusted computing features into their processors. A significant drawback of this approach is the need for a permanent modification of the processor microarchitecture. In this context, we suggest an analysis and a design of a software-only TPM for RISC-V processors based on seL4 microkernel and OP-TEE.
2022-08-03
Laputenko, Andrey.  2021.  Assessing Trustworthiness of IoT Applications Using Logic Circuits. 2021 IEEE East-West Design & Test Symposium (EWDTS). :1—4.
The paper describes a methodology for assessing non-functional requirements, such as trust characteristics for applications running on computationally constrained devices in the Internet of Things. The methodology is demonstrated through an example of a microcontroller-based temperature monitoring system. The concepts of trust and trustworthiness for software and devices of the Internet of Things are complex characteristics for describing the correct and secure operation of such systems and include aspects of operational and information security, reliability, resilience and privacy. Machine learning models, which are increasingly often used for such tasks in recent years, are resource-consuming software implementations. The paper proposes to use a logic circuit model to implement the above algorithms as an additional module for computationally constrained devices for checking the trustworthiness of applications running on them. Such a module could be implemented as a hardware, for example, as an FPGA in order to achieve more effectiveness.
Gao, Xiaotong, Ma, Yanfang, Zhou, Wei.  2021.  The Trustworthiness Measurement Model of Component-based Software Based on the Subjective and Objective Weight Allocation Method. 2021 IEEE 21st International Conference on Software Quality, Reliability and Security Companion (QRS-C). :478—486.
Software trustworthiness includes many attributes. Reasonable weight allocation of trustworthy attributes plays a key role in the software trustworthiness measurement. In practical application, attribute weight usually comes from experts' evaluation to attributes and hidden information derived from attributes. Therefore, when the weight of attributes is researched, it is necessary to consider weight from subjective and objective aspects. Firstly, a novel weight allocation method is proposed by combining the Fuzzy Analytical Hierarchy Process (FAHP) method and the Criteria Importance Though Intercrieria Correlation (CRITIC) method. Secondly, based on the weight allocation method, the trustworthiness measurement models of component-based software are established according to the four combination structures of components. Thirdly, some metric criteria of the model are proved to verify the reasonability. Finally, a case is used to illustrate the practicality of the model.
2022-08-02
Hardin, David S., Slind, Konrad L..  2021.  Formal Synthesis of Filter Components for Use in Security-Enhancing Architectural Transformations. 2021 IEEE Security and Privacy Workshops (SPW). :111—120.

Safety- and security-critical developers have long recognized the importance of applying a high degree of scrutiny to a system’s (or subsystem’s) I/O messages. However, lack of care in the development of message-handling components can lead to an increase, rather than a decrease, in the attack surface. On the DARPA Cyber-Assured Systems Engineering (CASE) program, we have focused our research effort on identifying cyber vulnerabilities early in system development, in particular at the Architecture development phase, and then automatically synthesizing components that mitigate against the identified vulnerabilities from high-level specifications. This approach is highly compatible with the goals of the LangSec community. Advances in formal methods have allowed us to produce hardware/software implementations that are both performant and guaranteed correct. With these tools, we can synthesize high-assurance “building blocks” that can be composed automatically with high confidence to create trustworthy systems, using a method we call Security-Enhancing Architectural Transformations. Our synthesis-focused approach provides a higherleverage insertion point for formal methods than is possible with post facto analytic methods, as the formal methods tools directly contribute to the implementation of the system, without requiring developers to become formal methods experts. Our techniques encompass Systems, Hardware, and Software Development, as well as Hardware/Software Co-Design/CoAssurance. We illustrate our method and tools with an example that implements security-improving transformations on system architectures expressed using the Architecture Analysis and Design Language (AADL). We show how message-handling components can be synthesized from high-level regular or context-free language specifications, as well as a novel specification language for self-describing messages called Contiguity Types, and verified to meet arithmetic constraints extracted from the AADL model. Finally, we guarantee that the intent of the message processing logic is accurately reflected in the application binary code through the use of the verified CakeML compiler, in the case of software, or the Restricted Algorithmic C toolchain with ACL2-based formal verification, in the case of hardware/software co-design.

2022-07-29
Wang, Junchao, Pang, Jianmin, Shan, Zheng, Wei, Jin, Yao, Jinyang, Liu, Fudong.  2021.  A Software Diversity-Based Lab in Operating System for Cyber Security Students. 2021 IEEE 3rd International Conference on Computer Science and Educational Informatization (CSEI). :296—299.
The course of operating system's labs usually fall behind the state of art technology. In this paper, we propose a Software Diversity-Assisted Defense (SDAD) lab based on software diversity, mainly targeting for students majoring in cyber security and computer science. This lab is consisted of multiple modules and covers most of the important concepts and principles in operating systems. Thus, the knowledge learned from the theoretical course will be deepened with the lab. For students majoring in cyber security, they can learn this new software diversity-based defense technology and understand how an exploit works from the attacker's side. The experiment is also quite stretchable, which can fit all level students.
Ménétrey, Jämes, Pasin, Marcelo, Felber, Pascal, Schiavoni, Valerio.  2021.  Twine: An Embedded Trusted Runtime for WebAssembly. 2021 IEEE 37th International Conference on Data Engineering (ICDE). :205—216.
WebAssembly is an Increasingly popular lightweight binary instruction format, which can be efficiently embedded and sandboxed. Languages like C, C++, Rust, Go, and many others can be compiled into WebAssembly. This paper describes Twine, a WebAssembly trusted runtime designed to execute unmodified, language-independent applications. We leverage Intel SGX to build the runtime environment without dealing with language-specific, complex APIs. While SGX hardware provides secure execution within the processor, Twine provides a secure, sandboxed software runtime nested within an SGX enclave, featuring a WebAssembly system interface (WASI) for compatibility with unmodified WebAssembly applications. We evaluate Twine with a large set of general-purpose benchmarks and real-world applications. In particular, we used Twine to implement a secure, trusted version of SQLite, a well-known full-fledged embeddable database. We believe that such a trusted database would be a reasonable component to build many larger application services. Our evaluation shows that SQLite can be fully executed inside an SGX enclave via WebAssembly and existing system interface, with similar average performance overheads. We estimate that the performance penalties measured are largely compensated by the additional security guarantees and its full compatibility with standard WebAssembly. An indepth analysis of our results indicates that performance can be greatly improved by modifying some of the underlying libraries. We describe and implement one such modification in the paper, showing up to 4.1 × speedup. Twine is open-source, available at GitHub along with instructions to reproduce our experiments.
Sever, Pop Septimiu, Vlad, Bande.  2021.  LC Oscillator Design Used in Sensor Measurement Based on Embedded Technology. 2021 IEEE 27th International Symposium for Design and Technology in Electronic Packaging (SIITME). :125–128.
This paper emphasizes the implementation of a conditioning circuit specific for an inductive or capacitive sensor. There are some inductive sensors, such as the proximity sensor, for which the inductance is dependent with the distance, or capacitive sensors strongly dependent with the humidity, distance, etc. This category of sensors is suitable for AC domain excitation from the measurement procedure point of view. Taking into consideration the fabrication technology, the measured physical quantity is being encoded as frequency or amplitude. To generate a sinusoidal signal with constant frequency and amplitude, the Colpitts or Hartley oscillators can be used [1], [2]. But the novelty of this paper is a different approach which reveals a microcontroller-based technology where the LC circuit works in an oscillating regime even though there is an underdamped oscillation behavior. For the oscillations’ occurrence, there will be a periodical energy injection using a driving source. One of the main advantages of the mentioned circuit is the small component number. The central unit of the embedded system will fulfil two functions: maintains the oscillating regime and measures the amplitude or frequency of the output signal. In this way, the built embedded system will be robust and easy to use due to its software configuration capabilities. As a plus, such a system can measure additional sensors used in environment parameters’ compensating procedure.
Wise, Michael, Al-Badri, Maher, Loeffler, Benjamin, Kasper, Jeremy.  2021.  A Novel Vertically Oscillating Hydrokinetic Energy Harvester. 2021 IEEE Conference on Technologies for Sustainability (SusTech). :1–8.
This paper presents the results of a multifaceted study of the behavior of a novel hydrokinetic energy harvester that utilizes vertical oscillations. Unlike traditional rotating turbines used in hydrokinetic energy, this particular device utilizes the fluid structure interactions of vortex-induced-vibration and gallop. Due to the unique characteristics of this vertical motion, a thorough examination of the proposed system was conducted via a three-pronged approach of simulation, emulation, and field testing. Using a permanent magnet synchronous generator as the electrical power generation source, an electrical power conversion system was simulated, emulated, and tested to achieve appropriate power smoothing for use in microgrid systems present in many Alaskan rural locations.
Ismaeel, Khaled, Naumchev, Alexandr, Sadovykh, Andrey, Truscan, Dragos, Enoiu, Eduard Paul, Seceleanu, Cristina.  2021.  Security Requirements as Code: Example from VeriDevOps Project. 2021 IEEE 29th International Requirements Engineering Conference Workshops (REW). :357–363.
This position paper presents and illustrates the concept of security requirements as code – a novel approach to security requirements specification. The aspiration to minimize code duplication and maximize its reuse has always been driving the evolution of software development approaches. Object-Oriented programming (OOP) takes these approaches to the state in which the resulting code conceptually maps to the problem that the code is supposed to solve. People nowadays start learning to program in the primary school. On the other hand, requirements engineers still heavily rely on natural language based techniques to specify requirements. The key idea of this paper is: artifacts produced by the requirements process should be treated as input to the regular object-oriented analysis. Therefore, the contribution of this paper is the presentation of the major concepts for the security requirements as the code method that is illustrated with a real industry example from the VeriDevOps project.
Liu, Wei, Zhao, Tao.  2021.  Vulnerability Assessment and Attack Simulation of Power IoT Based on the Attractiveness of Equipment Assets. 2021 IEEE 4th Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC). 4:1246—1250.
With the rapid development of the electric power Internet-of-Things (power IoT) technology and the widespread use of general-purpose software, hardware and network facilities, the power IoT has become more and more open, which makes the traditional power system face new cyber security threats. In order to find the vulnerable device nodes and attack links in the power IoT system, this paper studies a set of attack path calculation methods and vulnerability node discovery algorithms, which can construct a power IoT attack simulation program based on the value of equipment assets and information attributes. What’s more, this paper has carried on the example analysis and verification on the improved IEEE RBTS Bus 2 system. Based on the above research plan, this paper finally developed a set of power IoT attack simulation tool based on distribution electronic stations, which can well find the vulnerable devices in the system.
2022-07-28
Ruohonen, Jukka, Hjerppe, Kalle, Rindell, Kalle.  2021.  A Large-Scale Security-Oriented Static Analysis of Python Packages in PyPI. 2021 18th International Conference on Privacy, Security and Trust (PST). :1—10.
Different security issues are a common problem for open source packages archived to and delivered through software ecosystems. These often manifest themselves as software weaknesses that may lead to concrete software vulnerabilities. This paper examines various security issues in Python packages with static analysis. The dataset is based on a snapshot of all packages stored to the Python Package Index (PyPI). In total, over 197 thousand packages and over 749 thousand security issues are covered. Even under the constraints imposed by static analysis, (a) the results indicate prevalence of security issues; at least one issue is present for about 46% of the Python packages. In terms of the issue types, (b) exception handling and different code injections have been the most common issues. The subprocess module stands out in this regard. Reflecting the generally small size of the packages, (c) software size metrics do not predict well the amount of issues revealed through static analysis. With these results and the accompanying discussion, the paper contributes to the field of large-scale empirical studies for better understanding security problems in software ecosystems.
Ami, Amit Seal, Kafle, Kaushal, Nadkarni, Adwait, Poshyvanyk, Denys, Moran, Kevin.  2021.  µSE: Mutation-Based Evaluation of Security-Focused Static Analysis Tools for Android. 2021 IEEE/ACM 43rd International Conference on Software Engineering: Companion Proceedings (ICSE-Companion). :53—56.
This demo paper presents the technical details and usage scenarios of μSE: a mutation-based tool for evaluating security-focused static analysis tools for Android. Mutation testing is generally used by software practitioners to assess the robustness of a given test-suite. However, we leverage this technique to systematically evaluate static analysis tools and uncover and document soundness issues.μSE's analysis has found 25 previously undocumented flaws in static data leak detection tools for Android.μSE offers four mutation schemes, namely Reachability, Complex-reachability, TaintSink, and ScopeSink, which determine the locations of seeded mutants. Furthermore, the user can extend μSE by customizing the API calls targeted by the mutation analysis.μSE is also practical, as it makes use of filtering techniques based on compilation and execution criteria that reduces the number of ineffective mutations.
2022-07-15
Figueiredo, Cainã, Lopes, João Gabriel, Azevedo, Rodrigo, Zaverucha, Gerson, Menasché, Daniel Sadoc, Pfleger de Aguiar, Leandro.  2021.  Software Vulnerabilities, Products and Exploits: A Statistical Relational Learning Approach. 2021 IEEE International Conference on Cyber Security and Resilience (CSR). :41—46.
Data on software vulnerabilities, products and exploits is typically collected from multiple non-structured sources. Valuable information, e.g., on which products are affected by which exploits, is conveyed by matching data from those sources, i.e., through their relations. In this paper, we leverage this simple albeit unexplored observation to introduce a statistical relational learning (SRL) approach for the analysis of vulnerabilities, products and exploits. In particular, we focus on the problem of determining the existence of an exploit for a given product, given information about the relations between products and vulnerabilities, and vulnerabilities and exploits, focusing on Industrial Control Systems (ICS), the National Vulnerability Database and ExploitDB. Using RDN-Boost, we were able to reach an AUC ROC of 0.83 and an AUC PR of 0.69 for the problem at hand. To reach that performance, we indicate that it is instrumental to include textual features, e.g., extracted from the description of vulnerabilities, as well as structured information, e.g., about product categories. In addition, using interpretable relational regression trees we report simple rules that shed insight on factors impacting the weaponization of ICS products.
2022-07-14
Nariezhnii, Oleksii, Grinenko, Tetiana.  2021.  Method for Increasing the Accuracy of the Synchronization of Generation Random Sequences Using Control and Correction Stations. 2021 IEEE 8th International Conference on Problems of Infocommunications, Science and Technology (PIC S&T). :309—314.
This article describes the process of synchronizing the generation of random sequences by a quantum random number generator (QRNG) that can be used as secret keys for known cryptographic transformations. The subject of the research is a method for synchronizing the generation of random QRNG sequences based on L1 (C/A) signals of the global positioning system (GPS) using control correcting information received from control correcting stations.
Sintyaningrum, Desti Eka, Muladi, Ashar, Muhammad.  2021.  The Encryption of Electronic Professional Certificate by Using Digital Signature and QR Code. 2021 International Conference on Converging Technology in Electrical and Information Engineering (ICCTEIE). :19–24.
In Indonesia, there have been many certificates forgery happened. The lack of security system for the certificate and the difficulty in verification process toward the authenticity certificate become the main factor of the certificate forgery cases happen. The aim of this research is to improve the security system such digital signature and QR code to authenticate the authenticity certificate and to facilitate the user in verify their certificate and also to minimize the certificate forgery cases. The aim of this research is to improve the security system such digital signature and QR code to authenticate the authenticity certificate and to facilitate the user in verify their certificate and also to minimize the certificate forgery cases. The application is built in web system to facilitate the user to access it everywhere and any time. This research uses Research and Development method for problem analysis and to develop application using Software Development Life Cycle method with waterfall approach. Black box testing is chosen as testing method for each function in this system. The result of this research is creatcate application that’s designed to support the publishing and the verification of the electronic authenticity certificate by online. There are two main schemes in system: the scheme in making e-certificate and the scheme of verification QR Code. There is the electronic professional certificate application by applying digital signature and QR Code. It can publish e-certificate that can prevent from criminal action such certificate forgery, that’s showed in implementation and can be proven in test.
Razaque, Abdul, Alexandrov, Vladislav, Almiani, Muder, Alotaibi, Bandar, Alotaibi, Munif, Al-Dmour, Ayman.  2021.  Comparative Analysis of Digital Signature and Elliptic Curve Digital Signature Algorithms for the Validation of QR Code Vulnerabilities. 2021 Eighth International Conference on Software Defined Systems (SDS). :1–7.
Quick response (QR) codes are currently used ubiq-uitously. Their interaction protocol design is initially unsecured. It forces users to scan QR codes, which makes it harder to differentiate a genuine code from a malicious one. Intruders can change the original QR code and make it fake, which can lead to phishing websites that collect sensitive data. The interaction model can be improved and made more secure by adding some modifications to the backend side of the application. This paper addresses the vulnerabilities of QR codes and recommends improvements in security design. Furthermore, two state-of-the-art algorithms, Digital Signature (DS) and Elliptic Curve Digital Signature (ECDS), are analytically compared to determine their strengths in QR code security.
Lei Lei, Joanna Tan, Chuin, Liew Siau, Ernawan, Ferda.  2021.  An Image Watermarking based on Multi-level Authentication for Quick Response Code. 2021 International Conference on Software Engineering & Computer Systems and 4th International Conference on Computational Science and Information Management (ICSECS-ICOCSIM). :417–422.
This research presented a digital watermarking scheme using multi-level authentication for protecting QR code images in order to provide security and authenticity. This research focuses on the improved digital watermarking scheme for QR code security that can protect the confidentiality of the information stored in QR code images from the public. Information modification, malicious attack, and copyright violation may occur due to weak security and disclosure pattern of QR code. Digital watermarking can be a solution to reduce QR code imitation and increase QR code security and authenticity. The objectives of this research are to provide QR code image authentication and security, tamper localization, and recovery scheme on QR code images. This research proposed digital watermarking for QR code images based on multi-level authentication with Least Significant Bit (LSB) and SHA-256 hash function. The embedding and extracting watermark utilized region of Interest (ROI) and Region of Non-Interest (RONI) in the spatial domain for improving the depth and width of QR code application in the anti-counterfeiting field. The experiments tested the reversibility and robustness of the proposed scheme after a tempered watermarked QR code image. The experimental results show that the proposed scheme provides multi-level security, withstands tampered attacks and it provided high imperceptibility of QR code image.
2022-07-12
Farion-Melnyk, Antonina, Rozheliuk, Viktoria, Slipchenko, Tetiana, Banakh, Serhiy, Farion, Mykhailyna, Bilan, Oksana.  2021.  Ransomware Attacks: Risks, Protection and Prevention Measures. 2021 11th International Conference on Advanced Computer Information Technologies (ACIT). :473—478.
This article is about the current situation of cybercrime activity in the world. Research was planned to seek the possible protection measures taking into account the last events which might create an appropriate background for increasing of ransomware damages and cybercrime attacks. Nowadays, the most spread types of cybercrimes are fishing, theft of personal or payment data, cryptojacking, cyberespionage and ransomware. The last one is the most dangerous. It has ability to spread quickly and causes damages and sufficient financial loses. The major problem of this ransomware type is unpredictability of its behavior. It could be overcome only after the defined ransom was paid. This conditions created an appropriate background for the activation of cyber criminals’ activity even the organization of cyber gangs – professional, well-organized and well-prepared (tactical) group. So, researches conducted in this field have theoretical and practical value in the scientific sphere of research.
Ivanov, Michael A., Kliuchnikova, Bogdana V., Chugunkov, Ilya V., Plaksina, Anna M..  2021.  Phishing Attacks and Protection Against Them. 2021 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (ElConRus). :425—428.
Phishing, ransomware and cryptojacking are the main threats to cyber security in recent years. We consider the stages of phishing attacks, examples of such attacks, specifically, attacks using ransomware, malicious PDF files, and banking trojans. The article describes the specifics of phishing emails. Advices on phishing protection are given.
2022-06-10
Kropp, Alexander, Schwalbe, Mario, Tsokalo, Ievgenii A., Süβkraut, Martin, Schmoll, Robert-Steve, Fitzek, Frank H.P..  2021.  Reliable Control for Robotics - Hardware Resilience Powered by Software. 2021 IEEE 18th Annual Consumer Communications Networking Conference (CCNC). :1–2.
Industry 4.0 is now much more than just a buzzword. However, with the advancement of automation through digitization and softwarization of dedicated hardware, applications are also becoming more susceptible to random hardware errors in the calculation. This cyber-physical demonstrator uses a robotic application to show the effects that even single bit flips can have in the real world due to hardware errors. Using the graphical user interface including the human machine interface, the audience can generate hardware errors in the form of bit flips and see their effects live on the robot. In this paper we will be showing a new technology, the SIListra Safety Transformer (SST), that makes it possible to detect those kind of random hardware errors, which can subsequently make safety-critical applications more reliable.
2022-06-09
Jung, Wonkyung, Lee, Eojin, Kim, Sangpyo, Kim, Namhoon, Lee, Keewoo, Min, Chohong, Cheon, Jung Hee, Ahn, Jung Ho.  2021.  Accelerating Fully Homomorphic Encryption Through Microarchitecture-Aware Analysis and Optimization. 2021 IEEE International Symposium on Performance Analysis of Systems and Software (ISPASS). :237–239.
Homomorphic Encryption (HE) [11] draws significant attention as a privacy-preserving way for cloud computing because it allows computation on encrypted messages called ciphertexts. Among numerous FHE schemes [2]–[4], [8], [9], HE for Arithmetic of Approximate Numbers (HEAAN [3]), which is also known as CKKS (Cheon-Kim-Kim-Song), is rapidly gaining popularity [10] as it supports computation on real numbers. A critical shortcoming of HE is the high computational complexity of ciphertext arithmetic, especially, HE multiplication (HE Mul). For example, the execution time for computation on encrypted data (ciphertext) increases from 100s to 10,000s of times compared to that on native, unen-crypted messages. However, a large body of HE acceleration studies, including ones exploiting GPUs and FPGAs, lack a rigorous analysis of computational complexity and data access patterns of HE Mul with large parameter sets on CPUs, the most popular computing platform.
2022-06-08
Imtiaz, Sayem Mohammad, Sultana, Kazi Zakia, Varde, Aparna S..  2021.  Mining Learner-friendly Security Patterns from Huge Published Histories of Software Applications for an Intelligent Tutoring System in Secure Coding. 2021 IEEE International Conference on Big Data (Big Data). :4869–4876.
Security patterns are proven solutions to recurring problems in software development. The growing importance of secure software development has introduced diverse research efforts on security patterns that mostly focused on classification schemes, evolution and evaluation of the patterns. Despite a huge mature history of research and popularity among researchers, security patterns have not fully penetrated software development practices. Besides, software security education has not been benefited by these patterns though a commonly stated motivation is the dissemination of expert knowledge and experience. This is because the patterns lack a simple embodiment to help students learn about vulnerable code, and to guide new developers on secure coding. In order to address this problem, we propose to conduct intelligent data mining in the context of software engineering to discover learner-friendly software security patterns. Our proposed model entails knowledge discovery from large scale published real-world vulnerability histories in software applications. We harness association rule mining for frequent pattern discovery to mine easily comprehensible and explainable learner-friendly rules, mainly of the type "flaw implies fix" and "attack type implies flaw", so as to enhance training in secure coding which in turn would augment secure software development. We propose to build a learner-friendly intelligent tutoring system (ITS) based on the newly discovered security patterns and rules explored. We present our proposed model based on association rule mining in secure software development with the goal of building this ITS. Our proposed model and prototype experiments are discussed in this paper along with challenges and ongoing work.
2022-06-07
Graham, Martin, Kukla, Robert, Mandrychenko, Oleksii, Hart, Darren, Kennedy, Jessie.  2021.  Developing Visualisations to Enhance an Insider Threat Product: A Case Study. 2021 IEEE Symposium on Visualization for Cyber Security (VizSec). :47–57.
This paper describes the process of developing data visualisations to enhance a commercial software platform for combating insider threat, whose existing UI, while perfectly functional, was limited in its ability to allow analysts to easily spot the patterns and outliers that visualisation naturally reveals. We describe the design and development process, proceeding from initial tasks/requirements gathering, understanding the platform’s data formats, the rationale behind the visualisations’ design, and then refining the prototype through gathering feedback from representative domain experts who are also current users of the software. Through a number of example scenarios, we show that the visualisation can support the identified tasks and aid analysts in discovering and understanding potentially risky insider activity within a large user base.
2022-06-06
Assarandarban, Mona, Bhowmik, Tanmay, Do, Anh Quoc, Chekuri, Surendra, Wang, Wentao, Niu, Nan.  2021.  Foraging-Theoretic Tool Composition: An Empirical Study on Vulnerability Discovery. 2021 IEEE 22nd International Conference on Information Reuse and Integration for Data Science (IRI). :139–146.

Discovering vulnerabilities is an information-intensive task that requires a developer to locate the defects in the code that have security implications. The task is difficult due to the growing code complexity and some developer's lack of security expertise. Although tools have been created to ease the difficulty, no single one is sufficient. In practice, developers often use a combination of tools to uncover vulnerabilities. Yet, the basis on which different tools are composed is under explored. In this paper, we examine the composition base by taking advantage of the tool design patterns informed by foraging theory. We follow a design science methodology and carry out a three-step empirical study: mapping 34 foraging-theoretic patterns in a specific vulnerability discovery tool, formulating hypotheses about the value and cost of foraging when considering two composition scenarios, and performing a human-subject study to test the hypotheses. Our work offers insights into guiding developers' tool usage in detecting software vulnerabilities.