Visible to the public Biblio

Filters: Keyword is expert systems  [Clear All Filters]
2020-03-09
Hettiarachchi, Charitha, Do, Hyunsook.  2019.  A Systematic Requirements and Risks-Based Test Case Prioritization Using a Fuzzy Expert System. 2019 IEEE 19th International Conference on Software Quality, Reliability and Security (QRS). :374–385.
The use of risk information can help software engineers identify software components that are likely vulnerable or require extra attention when testing. Some studies have shown that the requirements risk-based approaches can be effective in improving the effectiveness of regression testing techniques. However, the risk estimation processes used in such approaches can be subjective, time-consuming, and costly. In this research, we introduce a fuzzy expert system that emulates human thinking to address the subjectivity related issues in the risk estimation process in a systematic and an efficient way and thus further improve the effectiveness of test case prioritization. Further, the required data for our approach was gathered by employing a semi-automated process that made the risk estimation process less subjective. The empirical results indicate that the new prioritization approach can improve the rate of fault detection over several existing test case prioritization techniques, while reducing threats to subjective risk estimation.
2020-01-02
\v Siser, Anton, Mari\v s, Ladislav, \v Rehák, David, Pellowski, Witalis.  2018.  The Use of Expert Judgement as the Method to Obtain Delay Time Values of Passive Barriers in the Context of the Physical Protection System. 2018 International Carnahan Conference on Security Technology (ICCST). :1–5.
Due to its costly and time-consuming nature and a wide range of passive barrier elements and tools for their breaching, testing the delay time of passive barriers is only possible as an experimental tool to verify expert judgements of said delay times. The article focuses on the possibility of creating and utilizing a new method of acquiring values of delay time for various passive barrier elements using expert judgements which could add to the creation of charts where interactions between the used elements of mechanical barriers and the potential tools for their bypassing would be assigned a temporal value. The article consists of basic description of methods of expert judgements previously applied for making prognoses of socio-economic development and in other societal areas, which are called soft system. In terms of the problem of delay time, this method needed to be modified in such a way that the prospective output would be expressible by a specific quantitative value. To achieve this goal, each stage of the expert judgements was adjusted to the use of suitable scientific methods to select appropriate experts and then to achieve and process the expert data. High emphasis was placed on evaluation of quality and reliability of the expert judgements, which takes into account the specifics of expert selection such as their low numbers, specialization and practical experience.
Alam, Md Jamshed, Kamrul, MD. Imtiaz, Zia Ur Rashid, S. M., Rashid, Syed Zahidur.  2018.  An Expert System Based on Belief Rule to Assess Bank Surveillance Security. 2018 International Conference on Innovations in Science, Engineering and Technology (ICISET). :451–454.
Surveillance is the monitoring of the behavior, activities or other changing information whereas security means the state of being protected from harmful activities. Nowadays proper surveillance security is considered as a challenging issue in the world and security has become a major concern from real life to virtual life. Tech-giants are implementing new solutions & techniques for better security assessment. This paper illustrates the design and implementation of a Belief Rule Based Expert System (BRBES) to overcome the uncertainty problems during bank security assessment. The proposed expert system has been developed based on generic Belief Rule Based (BRB) inference methodology using Evidential Reasoning algorithm (RIMER). Real-time security data has been taken from several banks of Bangladesh in conjunction with the expert's opinion to construct the knowledge base. This expert system provides more reliable and effective result under uncertainties which is better than any other traditional expert's prediction. Real life case studies were used for the validation of this system. Also, the outcome is compared with the real-life security system. Furthermore, the architectural design, implementation and utilization of an expert system to assess bank security under uncertainty are also discussed in this paper.
Shabanov, Boris, Sotnikov, Alexander, Palyukh, Boris, Vetrov, Alexander, Alexandrova, Darya.  2019.  Expert System for Managing Policy of Technological Security in Uncertainty Conditions: Architectural, Algorithmic, and Computing Aspects. 2019 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). :1716–1721.

The paper discusses the architectural, algorithmic and computing aspects of creating and operating a class of expert system for managing technological safety of an enterprise, in conditions of a large flow of diagnostic variables. The algorithm for finding a faulty technological chain uses expert information, formed as a set of evidence on the influence of diagnostic variables on the correctness of the technological process. Using the Dempster-Schafer trust function allows determining the overall probability measure on subsets of faulty process chains. To combine different evidence, the orthogonal sums of the base probabilities determined for each evidence are calculated. The procedure described above is converted into the rules of the knowledge base production. The description of the developed prototype of the expert system, its architecture, algorithmic and software is given. The functionality of the expert system and configuration tools for a specific type of production are under discussion.

Yu, Jianguo, Tian, Pei, Feng, Haonan, Xiao, Yan.  2018.  Research and Design of Subway BAS Intrusion Detection Expert System. 2018 IEEE 3rd Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). :152–156.
The information security of urban rail transit system faces great challenges. As a subsystem of the subway, BAS is short for Building Automation System, which is used to monitor and manage subway equipment and environment, also facing the same problem. Based on the characteristics of BAS, this paper designed a targeted intrusion detection expert system. This paper focuses on the design of knowledge base and the inference engine of intrusion detection system based on expert system. This study laid the foundation for the research on information security of the entire rail transit system.
Talasila, Prasad, Kakrambe, Mihir, Rai, Anurag, Santy, Sebastin, Goveas, Neena, Deshpande, Bharat M..  2018.  BITS Darshini: A Modular, Concurrent Protocol Analyzer Workbench. Proceedings of the 19th International Conference on Distributed Computing and Networking. :54:1–54:10.
Network measurements are essential for troubleshooting and active management of networks. Protocol analysis of captured network packet traffic is an important passive network measurement technique used by researchers and network operations engineers. In this work, we present a measurement workbench tool named BITS Darshini (Darshini in short) to enable scientific network measurements. We have created Darshini as a modular, concurrent web application that stores experimental meta-data and allows users to specify protocol parse graphs. Darshini performs protocol analysis on a concurrent pipeline architecture, persists the analysis to a database and provides the analysis results via a REST API service. We formulate the problem of mapping protocol parse graph to a concurrent pipeline as a graph embedding problem. Our tool, Darshini, performs protocol analysis up to transport layer and is suitable for the study of small and medium-sized networks. Darshini enables secure collaboration and consultations with experts.
Jung, Byungho, Kim, Taeguen, Im, Eul Gyu.  2018.  Malware Classification Using Byte Sequence Information. Proceedings of the 2018 Conference on Research in Adaptive and Convergent Systems. :143–148.
The number of new malware and new malware variants have been increasing continuously. Security experts analyze malware to capture the malicious properties of malware and to generate signatures or detection rules, but the analysis overheads keep increasing with the increasing number of malware. To analyze a large amount of malware, various kinds of automatic analysis methods are in need. Recently, deep learning techniques such as convolutional neural network (CNN) and recurrent neural network (RNN) have been applied for malware classifications. The features used in the previous approches are mostly based on API (Application Programming Interface) information, and the API invocation information can be obtained through dynamic analysis. However, the invocation information may not reflect malicious behaviors of malware because malware developers use various analysis avoidance techniques. Therefore, deep learning-based malware analysis using other features still need to be developed to improve malware analysis performance. In this paper, we propose a malware classification method using the deep learning algorithm based on byte information. Our proposed method uses images generated from malware byte information that can reflect malware behavioral context, and the convolutional neural network-based sentence analysis is used to process the generated images. We performed several experiments to show the effecitveness of our proposed method, and the experimental results show that our method showed higher accuracy than the naive CNN model, and the detection accuracy was about 99%.
Aslan, Ça\u grı B., Sa\u glam, Rahime Belen, Li, Shujun.  2018.  Automatic Detection of Cyber Security Related Accounts on Online Social Networks: Twitter As an Example. Proceedings of the 9th International Conference on Social Media and Society. :236–240.
Recent studies have revealed that cyber criminals tend to exchange knowledge about cyber attacks in online social networks (OSNs). Cyber security experts are another set of information providers on OSNs who frequently share information about cyber security incidents and their personal opinions and analyses. Therefore, in order to improve our knowledge about evolving cyber attacks and the underlying human behavior for different purposes (e.g., crime investigation, understanding career development of cyber criminals and cyber security professionals, detection of impeding cyber attacks), it will be very useful to detect cyber security related accounts on OSNs automatically, and monitor their activities. This paper reports our preliminarywork on automatic detection of cyber security related accounts on OSNs using Twitter as an example. Three machine learning based classification algorithms were applied and compared: decision trees, random forests, and SVM (support vector machines). Experimental results showed that both decision trees and random forests had performed well with an overall accuracy over 95%, and when random forests were used with behavioral features the accuracy had reached as high as 97.877%.
Trotter, Ludwig, Prange, Sarah, Khamis, Mohamed, Davies, Nigel, Alt, Florian.  2018.  Design Considerations for Secure and Usable Authentication on Situated Displays. Proceedings of the 17th International Conference on Mobile and Ubiquitous Multimedia. :483–490.
Users often need to authenticate at situated displays in order to, for example, make purchases, access sensitive information, or confirm an identity. However, the exposure of interactions in public spaces introduces a large attack surface (e.g., observation, smudge or thermal attacks). A plethora of authentication models and input modalities that aim at disguising users' input has been presented in the past. However, a comprehensive analysis on the requirements for secure and usable authentication on public displays is still missing. This work presents 13 design considerations suitable to inform practitioners and researchers during the development process of authentication systems for situated displays in public spaces. It draws on a comprehensive analysis of prior literature and subsequent discussion with five experts in the fields of pervasive displays, human-computer-interaction and usable security.
Ur, Blase.  2018.  SIGCHI Outstanding Dissertation Award – Supporting Password Decisions with Data. Extended Abstracts of the 2018 CHI Conference on Human Factors in Computing Systems. :Award1:1–Award1:3.
Abstract Despite decades of research into developing abstract security advice and improving interfaces, users still struggle to make passwords. Users frequently create passwords that are predictable for attackers [1, 9] or make other decisions (e.g., reusing the same password across accounts) that harm their security [2, 8]. In this thesis,1 I use data-driven methods to better understand how users choose passwords and how attackers guess passwords. I then combine these insights into a better password-strength meter that provides real-time, data-driven feedback about the user's password. I first quantify the impact on password security and usability of showing users different password-strength meters that score passwords using basic heuristics. I find in a 2,931- participant online study that meters that score passwords stringently and present their strength estimates visually lead users to create stronger passwords without significantly impacting password memorability [6]. Second, to better understand how attackers guess passwords, I perform comprehensive experiments on password-cracking approaches. I find that simply running these approaches in their default configuration is insufficient, but considering multiple well-configured approaches in parallel can serve as a proxy for guessing by an expert in password forensics [9]. The third and fourth sections of this thesis delve further into how users choose passwords. Through a series of analyses, I pinpoint ways in which users structure semantically significant content in their passwords [7]. I also examine the relationship between users' perceptions of password security and passwords' actual security, finding that while users often correctly judge the security impact of individual password characteristics, wide variance in their understanding of attackers may lead users to judge predictable passwords as sufficiently strong [5]. Finally, I integrate these insights into an open-source2 password-strength meter that gives users data-driven feedback about their specific password. This meter uses neural networks [3] and numerous carefully combined heuristics to score passwords and generate data-driven text feedback about a given password. I evaluate this meter through a ten-participant laboratory study and 4,509-participant online study [4]. Under the more common password-composition policy we tested, we find that the data-driven meter with detailed feedback leads users to create more secure, and no less memorable, passwords than a meter with only a bar as a strength indicator. In sum, the objective of this thesis is to demonstrate how integrating data-driven insights about how users create and how attackers guess passwords into a tool that presents real-time feedback can help users make better passwords.
Wolf, Flynn, Kuber, Ravi, Aviv, Adam J..  2018.  How Do We Talk Ourselves Into These Things? Extended Abstracts of the 2018 CHI Conference on Human Factors in Computing Systems. :LBW502:1–LBW502:6.

Biometric authentication offers promise for mobile security, but its adoption can be controversial, both from a usability and security perspective. We describe a preliminary study, comparing recollections of biometric adoption by computer security experts and non-experts collected in semi-structured interviews. Initial decisions and thought processes around biometric adoption were recalled, as well as changes in those views over time. These findings should serve to better inform security education across differing levels of technical experience. Preliminary findings indicate that both user groups were influenced by similar sources of information; however, expert users differed in having more professional requirements affecting choices (e.g., BYOD). Furthermore, experts often added biometric authentication methods opportunistically during device updates, despite describing higher security concern and caution. Non-experts struggled with the setting up fingerprint biometrics, leading to poor adoption. Further interviews are still being conducted.

Gallagher, Kevin, Patil, Sameer, Dolan-Gavitt, Brendan, McCoy, Damon, Memon, Nasir.  2018.  Peeling the Onion's User Experience Layer: Examining Naturalistic Use of the Tor Browser. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. :1290–1305.

The strength of an anonymity system depends on the number of users. Therefore, User eXperience (UX) and usability of these systems is of critical importance for boosting adoption and use. To this end, we carried out a study with 19 non-expert participants to investigate how users experience routine Web browsing via the Tor Browser, focusing particularly on encountered problems and frustrations. Using a mixed-methods quantitative and qualitative approach to study one week of naturalistic use of the Tor Browser, we uncovered a variety of UX issues, such as broken Web sites, latency, lack of common browsing conveniences, differential treatment of Tor traffic, incorrect geolocation, operational opacity, etc. We applied this insight to suggest a number of UX improvements that could mitigate the issues and reduce user frustration when using the Tor Browser.

Hagan, Matthew, Kang, BooJoong, McLaughlin, Kieran, Sezer, Sakir.  2018.  Peer Based Tracking Using Multi-Tuple Indexing for Network Traffic Analysis and Malware Detection. 2018 16th Annual Conference on Privacy, Security and Trust (PST). :1–5.

Traditional firewalls, Intrusion Detection Systems(IDS) and network analytics tools extensively use the `flow' connection concept, consisting of five `tuples' of source and destination IP, ports and protocol type, for classification and management of network activities. By analysing flows, information can be obtained from TCP/IP fields and packet content to give an understanding of what is being transferred within a single connection. As networks have evolved to incorporate more connections and greater bandwidth, particularly from ``always on'' IoT devices and video and data streaming, so too have malicious network threats, whose communication methods have increased in sophistication. As a result, the concept of the 5 tuple flow in isolation is unable to detect such threats and malicious behaviours. This is due to factors such as the length of time and data required to understand the network traffic behaviour, which cannot be accomplished by observing a single connection. To alleviate this issue, this paper proposes the use of additional, two tuple and single tuple flow types to associate multiple 5 tuple communications, with generated metadata used to profile individual connnection behaviour. This proposed approach enables advanced linking of different connections and behaviours, developing a clearer picture as to what network activities have been taking place over a prolonged period of time. To demonstrate the capability of this approach, an expert system rule set has been developed to detect the presence of a multi-peered ZeuS botnet, which communicates by making multiple connections with multiple hosts, thus undetectable to standard IDS systems observing 5 tuple flow types in isolation. Finally, as the solution is rule based, this implementation operates in realtime and does not require post-processing and analytics of other research solutions. This paper aims to demonstrate possible applications for next generation firewalls and methods to acquire additional information from network traffic.

Mar\'ın, Gonzalo, Casas, Pedro, Capdehourat, Germán.  2019.  Deep in the Dark - Deep Learning-Based Malware Traffic Detection Without Expert Knowledge. 2019 IEEE Security and Privacy Workshops (SPW). :36–42.

With the ever-growing occurrence of networking attacks, robust network security systems are essential to prevent and mitigate their harming effects. In recent years, machine learning-based systems have gain popularity for network security applications, usually considering the application of shallow models, where a set of expert handcrafted features are needed to pre-process the data before training. The main problem with this approach is that handcrafted features can fail to perform well given different kinds of scenarios and problems. Deep Learning models can solve this kind of issues using their ability to learn feature representations from input raw or basic, non-processed data. In this paper we explore the power of deep learning models on the specific problem of detection and classification of malware network traffic, using different representations for the input data. As a major advantage as compared to the state of the art, we consider raw measurements coming directly from the stream of monitored bytes as the input to the proposed models, and evaluate different raw-traffic feature representations, including packet and flow-level ones. Our results suggest that deep learning models can better capture the underlying statistics of malicious traffic as compared to classical, shallow-like models, even while operating in the dark, i.e., without any sort of expert handcrafted inputs.

Harris, Albert, Snader, Robin, Kravets, Robin.  2018.  Aggio: A Coupon Safe for Privacy-Preserving Smart Retail Environments. 2018 IEEE/ACM Symposium on Edge Computing (SEC). :174–186.

Researchers and industry experts are looking at how to improve a shopper's experience and a store's revenue by leveraging and integrating technologies at the edges of the network, such as Internet-of-Things (IoT) devices, cloud-based systems, and mobile applications. The integration of IoT technology can now be used to improve purchasing incentives through the use of electronic coupons. Research has shown that targeted electronic coupons are the most effective and coupons presented to the shopper when they are near the products capture the most shoppers' dollars. Although it is easy to imagine coupons being broadcast to a shopper's mobile device over a low-power wireless channel, such a solution must be able to advertise many products, target many individual shoppers, and at the same time, provide shoppers with their desired level of privacy. To support this type of IoT-enabled shopping experience, we have designed Aggio, an electronic coupon distribution system that enables the distribution of localized, targeted coupons while supporting user privacy and security. Aggio uses cryptographic mechanisms to not only provide security but also to manage shopper groups e.g., bronze, silver, and gold reward programs) and minimize resource usage, including bandwidth and energy. The novel use of cryptographic management of coupons and groups allows Aggio to reduce bandwidth use, as well as reduce the computing and energy resources needed to process incoming coupons. Through the use of local coupon storage on the shopper's mobile device, the shopper does not need to query the cloud and so does not need to expose all of the details of their shopping decisions. Finally, the use of privacy preserving communication between the shopper's mobile device and the CouponHubs that are distributed throughout the retail environment allows the shopper to expose their location to the store without divulging their location to all other shoppers present in the store.

Muszynska, Maria, Michels, Denise, von Zezschwitz, Emanuel.  2018.  Not On My Phone: Exploring Users' Conception of Related Permissions. Extended Abstracts of the 2018 CHI Conference on Human Factors in Computing Systems. :LBW508:1–LBW508:6.

Many smartphone security mechanisms prompt users to decide on sensitive resource requests. This approach fails if corresponding implications are not understood. Prior work identified ineffective user interfaces as a cause for insufficient comprehension and proposed augmented dialogs. We hypothesize that, prior to interface-design, efficient security dialogs require an underlying permission model based on user demands. We believe, that only an implementation which corresponds to users\guillemotright mental models, in terms of the handling, granularity and grouping of permission requests, allows for informed decisions. In this work, we propose a study design which leverages materialization for the extraction of the mental models. We present preliminary results of three Focus Groups. The findings indicate that the materialization provided sufficient support for non-experts to understand and discuss this complex topic. In addition to this, the results indicate that current permission approaches do not match users\guillemotright demands for information and control.

2019-12-09
Khokhlov, Igor, Jain, Chinmay, Miller-Jacobson, Ben, Heyman, Andrew, Reznik, Leonid, Jacques, Robert St..  2018.  MeetCI: A Computational Intelligence Software Design Automation Framework. 2018 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE). :1-8.

Computational Intelligence (CI) algorithms/techniques are packaged in a variety of disparate frameworks/applications that all vary with respect to specific supported functionality and implementation decisions that drastically change performance. Developers looking to employ different CI techniques are faced with a series of trade-offs in selecting the appropriate library/framework. These include resource consumption, features, portability, interface complexity, ease of parallelization, etc. Considerations such as language compatibility and familiarity with a particular library make the choice of libraries even more difficult. The paper introduces MeetCI, an open source software framework for computational intelligence software design automation that facilitates the application design decisions and their software implementation process. MeetCI abstracts away specific framework details of CI techniques designed within a variety of libraries. This allows CI users to benefit from a variety of current frameworks without investigating the nuances of each library/framework. Using an XML file, developed in accordance with the specifications, the user can design a CI application generically, and utilize various CI software without having to redesign their entire technology stack. Switching between libraries in MeetCI is trivial and accessing the right library to satisfy a user's goals can be done easily and effectively. The paper discusses the framework's use in design of various applications. The design process is illustrated with four different examples from expert systems and machine learning domains, including the development of an expert system for security evaluation, two classification problems and a prediction problem with recurrent neural networks.

2019-07-01
Napoli, Daniela.  2018.  Developing Accessible and Usable Security (ACCUS) Heuristics. Extended Abstracts of the 2018 CHI Conference on Human Factors in Computing Systems. :SRC16:1-SRC16:6.

Currently, usable security and web accessibility design principles exist separately. Although literature at the intersect of accessibility and security is developing, it is limited in its understanding of how users with vision loss operate the web securely. In this paper, we propose heuristics that fuse the nuances of both fields. With these heuristics, we evaluate 10 websites and uncover several issues that can impede users' ability to abide by common security advice.

2019-06-17
Frey, Sylvain, Rashid, Awais, Anthonysamy, Pauline, Pinto-Albuquerque, Maria, Naqvi, Syed Asad.  2018.  The Good, the Bad and the Ugly: A Study of Security Decisions in a Cyber-Physical Systems Game. Proceedings of the 40th International Conference on Software Engineering. :496-496.

Motivation: The security of any system is a direct consequence of stakeholders' decisions regarding security requirements. Such decisions are taken with varying degrees of expertise, and little is currently understood about how various demographics - security experts, general computer scientists, managers - approach security decisions and the strategies that underpin those decisions. What are the typical decision patterns, the consequences of such patterns and their impact on the security of the system in question? Nor is there any substantial understanding of how the strategies and decision patterns of these different groups contrast. Is security expertise necessarily an advantage when making security decisions in a given context? Answers to these questions are key to understanding the "how" and "why" behind security decision processes. The Game: In this talk1, we present a tabletop game: Decisions and Disruptions (D-D)2 that tasks a group of players with managing the security of a small utility company while facing a variety of threats. The game is kept short - 2 hours - and simple enough to be played without prior training. A cyber-physical infrastructure, depicted through a Lego\textregistered board, makes the game easy to understand and accessible to players from varying backgrounds and security expertise, without being too trivial a setting for security experts. Key insights: We played D-D with 43 players divided into homogeneous groups: 4 groups of security experts, 4 groups of nontechnical managers and 4 groups of general computer scientists. • Strategies: Security experts had a strong interest in advanced technological solutions and tended to neglect intelligence gathering, to their own detriment. Managers, too, were technology-driven and focused on data protection while neglecting human factors more than other groups. Computer scientists tended to balance human factors and intelligence gathering with technical solutions, and achieved the best results of the three demographics. • Decision Processes: Technical experience significantly changes the way players think. Teams with little technical experience had shallow, intuition-driven discussions with few concrete arguments. Technical teams, and the most experienced in particular, had much richer debates, driven by concrete scenarios, anecdotes from experience, and procedural thinking. Security experts showed a high confidence in their decisions - despite some of them having bad consequences - while the other groups tended to doubt their own skills - even when they were playing good games. • Patterns: A number of characteristic plays were identified, some good (balance between priorities, open-mindedness, and adapting strategies based on inputs that challenge one's pre-conceptions), some bad (excessive focus on particular issues, confidence in charismatic leaders), some ugly ("tunnel vision" syndrome by over-confident players). These patterns are documented in the full paper - showing the virtue of the positive ones, discouraging the negative ones, and inviting the readers to do their own introspection. Conclusion: Beyond the analysis of the security decisions of the three demographics, there is a definite educational and awareness-raising aspect to D-D (as noted consistently by players in all our subject groups). Game boxes will be brought to the conference for demonstration purposes, and the audience will be invited to experiment with D-D themselves, make their own decisions, and reflect on their own perception of security.

2019-03-25
Le, Van-Khoa, Beauseroy, Pierre, Grall-Maes, Edith.  2018.  Abnormal Trajectory Detection for Security Infrastructure. Proceedings of the 2Nd International Conference on Digital Signal Processing. :1–5.

In this work, an approach for the automatic analysis of people trajectories is presented, using a multi-camera and card reader system. Data is first extracted from surveillance cameras and card readers to create trajectories which are sequences of paths and activities. A distance model is proposed to compare sequences and calculate similarities. The popular unsupervised model One-Class Support Vector Machine (One-Class SVM) is used to train a detector. The proposed method classifies trajectories as normal or abnormal and can be used in two modes: off-line and real-time. Experiments are based on data simulation corresponding to an attack scenario proposed by a security expert. Results show that the proposed method successfully detects the abnormal sequences in the scenario with very low false alarm rate.

2019-02-14
Anand, Priya, Ryoo, Jungwoo.  2018.  Architectural Solutions to Mitigate Security Vulnerabilities in Software Systems. Proceedings of the 13th International Conference on Availability, Reliability and Security. :5:1-5:5.

Security issues emerging out of the constantly evolving software applications became a huge challenge to software security experts. In this paper, we propose a prototype to detect vulnerabilities by identifying their architectural sources and also use security patterns to mitigate the identified vulnerabilities. We emphasize the need to consider architectural relations to introduce an effective security solution. In this research, we focused on the taint-style vulnerabilities that can induce injection-based attacks like XSS, SQLI in web applications. With numerous tools available to detect the taint-style vulnerabilities in the web applications, we scanned for the presence of repetition of a vulnerable code pattern in the software. Very importantly, we attempted to identify the architectural source files or modules by developing a tool named ArT Analyzer. We conducted a case study on a leading health-care software by applying the proposed architectural taint analysis and identified the vulnerable spots. We could identify the architectural roots for those vulnerable spots with the use of our tool ArT Analyzer. We verified the results by sharing it with the lead software architect of the project. By adopting an architectural solution, we avoided changes to be done on 252 different lines of code by merely introducing 2 lines of code changes at the architectural roots. Eventually, this solution was integrated into the latest updated release of the health-care software.

2019-01-21
Fei, Y., Ning, J., Jiang, W..  2018.  A quantifiable Attack-Defense Trees model for APT attack. 2018 IEEE 3rd Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). :2303–2306.
In order to deal with APT(Advanced Persistent Threat) attacks, this paper proposes a quantifiable Attack-Defense Tree model. First, the model gives both attack and defense leaf node a variety of security attributes. And then quantifies the nodes through the analytic hierarchy process. Finally, it analyzes the impact of the defense measures on the attack behavior. Through the application of the model, we can see that the quantifiable Attack-Defense Tree model can well describe the impact of defense measures on attack behavior.
2018-11-14
Xi, Z., Chen, L., Chen, M., Dai, Z., Li, Y..  2018.  Power Mobile Terminal Security Assessment Based on Weights Self-Learning. 2018 10th International Conference on Communication Software and Networks (ICCSN). :502–505.

At present, mobile terminals are widely used in power system and easy to be the target or springboard to attack the power system. It is necessary to have security assessment of power mobile terminal system to enable early warning of potential risks. In the context, this paper builds the security assessment system against to power mobile terminals, with features from security assessment system of general mobile terminals and power application scenarios. Compared with the existing methods, this paper introduces machine learning to the Rank Correlation Analysis method, which relies on expert experience, and uses objective experimental data to optimize the weight parameters of the indicators. From experiments, this paper proves that weights self-learning method can be used to evaluate the security of power mobile terminal system and improve credibility of the result.

Teive, R. C. G., Neto, E. A. C. A., Mussoi, F. L. R., Rese, A. L. R., Coelho, J., Andrade, F. F., Cardoso, F. L., Nogueira, F., Parreira, J. P..  2017.  Intelligent System for Automatic Performance Evaluation of Distribution System Operators. 2017 19th International Conference on Intelligent System Application to Power Systems (ISAP). :1–6.
The performance evaluation of distribution network operators is essential for the electrical utilities to know how prepared the operators are to execute their operation standards and rules, searching for minimizing the time of power outage, after some contingency. The performance of operators can be evaluated by the impact of their actions on several technical and economic indicators of the distribution system. This issue is a complex problem, whose solution involves necessarily some expertise and a multi-criteria evaluation. This paper presents a Tutorial Expert System (TES) for performance evaluation of electrical distribution network operators after a given contingency in the electrical network. The proposed TES guides the evaluation process, taking into account technical, economic and personal criteria, aiding the quantification of these criteria. A case study based on real data demonstrates the applicability of the performance evaluation procedure of distribution network operators.
Kustov, V. N., Yakovlev, V. V., Stankevich, T. L..  2017.  The Information Security System Synthesis Using the Graphs Theory. 2017 XX IEEE International Conference on Soft Computing and Measurements (SCM). :148–151.
Timely prevention information security threats, provided by specialized software and hardware, is the effective business foundation, allowing to reduce reputational and financial risks for the company. At the same time, protection must be implemented in all detractors' possible attacks areas. If we turn to the Russian Federation leISSlation, then the FSTEC order No31 of March 14, 2014 may be adopted as the basis for ``isolating'' the protection vectors, according to which the basic measures for protection should be provided at the following levels: access subjects identification and authentication, access delineation, software restriction, computer storage media protection, etc. (There are 21 of them). On the hardware and software complex basis that implement protection at each of these levels, an enterprise information security system is created. To select the most appropriate software and hardware information security, and, therefore, to build an optimal enterprise information protection system, one can turn to graph theory. In this case, the problem is reduced to the ranked descending graph construction and the optimality problem solution, i.e. critical (maximal) path of this graph calculation. Each graph level corresponds to a specific subsystem of the information security system, while the subsystems are located in the alleged overcoming order protection by the attacker; tops - the considered information security tools; the graph is weighted, the each its arcs weight corresponds to the expert evaluation of the preference for using a particular tool.