Software development is getting a transition from centralized version control systems(CVCSs)like Subversion to decentralized version control systems(DVCDs)like Git due to lesser efficiency of former in terms of branch...Software development is getting a transition from centralized version control systems(CVCSs)like Subversion to decentralized version control systems(DVCDs)like Git due to lesser efficiency of former in terms of branching,fusion,time,space,merging,offline commits&builds and repository,etc.Git is having a share of 77%of total VCS,followed by Subversion with a share of 13.5%.The majority of software industries are getting a migration from Subversion to Git.Only a few migration tools are available in the software industry.Still,these too lack in many features like lack of identifying the empty directories as premigration check,failover capabilities during migration due to network failure or disk space issue,and detailed report generation as post-migration steps.In this work,a holistic,proactive and novel approach has been presented for pre/during/post-migration validation from Subversion to Git.Many scripts have been developed and executed run-time over various projects for overcoming the limitations of existing migration software tools for a Subversion to Git migration.During premigration,none of the available migration tools has the capability to fetch empty directories of Subversion,which results in an incomplete migration from Subversion to Git.Many Scripts have been developed and executed for pre-migration validation and migration preparation,which overcomes the problem of incomplete migration.Experimentation was conducted in SRLC Software Research Lab,Chicago,USA.During the migration process,in case of loss of network connection or due to any other reason,if migration stops or breaks,available migration tools do not have capabilities to start over from the same point where it left.Various Scripts have been developed and executed to keep the migration revision history in the cache(elastic cache)to start from the same point where it was left due to connection failure.During post-migration,none of the available version control migration tools generate a detailed report giving information about the total size of source Subversion repositories, the total volume of data migrated todestination repositories in Git, total number of pools migrated, time taken formigration, number of Subversion users with email notification, etc. VariousScripts have been developed and executed for the above purpose during thepost-migration process.展开更多
Diabetes Mellitus is one of the most severe diseases,and many studies have been conducted to anticipate diabetes.This research aimed to develop an intelligent mobile application based on machine learning to determine ...Diabetes Mellitus is one of the most severe diseases,and many studies have been conducted to anticipate diabetes.This research aimed to develop an intelligent mobile application based on machine learning to determine the diabetic,pre-diabetic,or non-diabetic without the assistance of any physician or medical tests.This study’s methodology was classified into two the Diabetes Prediction Approach and the Proposed System Architecture Design.The Diabetes Prediction Approach uses a novel approach,Light Gradient Boosting Machine(LightGBM),to ensure a faster diagnosis.The Proposed System ArchitectureDesign has been combined into sevenmodules;the Answering Question Module is a natural language processing Chabot that can answer all kinds of questions related to diabetes.The Doctor Consultation Module ensures free treatment related to diabetes.In this research,90%accuracy was obtained by performing K-fold cross-validation on top of the K nearest neighbor’s algorithm(KNN)&LightGBM.To evaluate the model’s performance,Receiver Operating Characteristics(ROC)Curve and Area under the ROC Curve(AUC)were applied with a value of 0.948 and 0.936,respectively.This manuscript presents some exploratory data analysis,including a correlation matrix and survey report.Moreover,the proposed solution can be adjustable in the daily activities of a diabetic patient.展开更多
The recent unprecedented threat from COVID-19 and past epidemics,such as SARS,AIDS,and Ebola,has affected millions of people in multiple countries.Countries have shut their borders,and their nationals have been advise...The recent unprecedented threat from COVID-19 and past epidemics,such as SARS,AIDS,and Ebola,has affected millions of people in multiple countries.Countries have shut their borders,and their nationals have been advised to self-quarantine.The variety of responses to the pandemic has given rise to data privacy concerns.Infection prevention and control strategies as well as disease control measures,especially real-time contact tracing for COVID-19,require the identification of people exposed to COVID-19.Such tracing frameworks use mobile apps and geolocations to trace individuals.However,while the motive may be well intended,the limitations and security issues associated with using such a technology are a serious cause of concern.There are growing concerns regarding the privacy of an individual’s location and personal identifiable information(PII)being shared with governments and/or health agencies.This study presents a real-time,trust-based contact-tracing framework that operateswithout the use of an individual’sPII,location sensing,or gathering GPS logs.The focus of the proposed contact tracing framework is to ensure real-time privacy using the Bluetooth range of individuals to determine others within the range.The research validates the trust-based framework using Bluetooth as practical and privacy-aware.Using our proposed methodology,personal information,health logs,and location data will be secure and not abused.This research analyzes 100,000 tracing dataset records from 150 mobile devices to identify infected users and active users.展开更多
Smart Grid is a power grid that improves flexibility,reliability,and efficiency through smart meters.Due to extensive data exchange over the Internet,the smart grid faces many security challenges that have led to data...Smart Grid is a power grid that improves flexibility,reliability,and efficiency through smart meters.Due to extensive data exchange over the Internet,the smart grid faces many security challenges that have led to data loss,data compromise,and high power consumption.Moreover,the lack of hardware protection and physical attacks reduce the overall performance of the smart grid network.We proposed the BLIDSE model(Blockchain-based secure quantum key distribution and Intrusion Detection System in Edge Enables Smart Grid Network)to address these issues.The proposed model includes five phases:The first phase is blockchain-based secure user authentication,where all smart meters are first registered in the blockchain,and then the blockchain generates a secret key.The blockchain verifies the user ID and the secret key during authentication matches the one authorized to access the network.The secret key is shared during transmission through secure quantum key distribution(SQKD).The second phase is the lightweight data encryption,for which we use a lightweight symmetric encryption algorithm,named Camellia.The third phase is the multi-constraint-based edge selection;the data are transmitted to the control center through the edge server,which is also authenticated by blockchain to enhance the security during the data transmission.We proposed a perfect matching algorithm for selecting the optimal edge.The fourth phase is a dual intrusion detection system which acts as a firewall used to drop irrelevant packets,and data packets are classified into normal,physical errors and attacks,which is done by Double DeepQNetwork(DDQN).The last phase is optimal user privacy management.In this phase,smartmeter updates and revocations are done,forwhichwe proposed Forensic based Investigation Optimization(FBI),which improves the security of the smart grid network.The simulation is performed using network simulator NS3.26,which evaluates the performance in terms of computational complexity,accuracy,false detection,and false alarm rate.The proposed BLIDSE model effectively mitigates cyber-attacks,thereby contributing to improved security in the network.展开更多
Depression is a crippling affliction and affects millions of individuals around the world.In general,the physicians screen patients for mental health disorders on a regular basis and treat patients in collaboration wi...Depression is a crippling affliction and affects millions of individuals around the world.In general,the physicians screen patients for mental health disorders on a regular basis and treat patients in collaboration with psychologists and other mental health experts,which results in lower costs and improved patient outcomes.However,this strategy can necessitate a lot of buy-in from a large number of people,as well as additional training and logistical considerations.Thus,utilizing the machine learning algorithms,patients with depression based on information generally present in a medical file were analyzed and predicted.The methodology of this proposed study is divided into six parts:Proposed Research Architecture(PRA),Data Pre-processing Approach(DPA),Research Hypothesis Testing(RHT),Concentrated Algorithm Pipeline(CAP),Loss Optimization Stratagem(LOS),and Model Deployment Architecture(MDA).The Null Hypothesis and Alternative Hypothesis are applied to test the RHT.In addition,Ensemble Learning Approach(ELA)and Frequent Model Retraining(FMR)have been utilized for optimizing the loss function.Besides,the Features Importance Interpretation is also delineated in this research.These forecasts could help individuals connect with expert mental health specialists more quickly and easily.According to the findings,71%of people with depression and 80%of those who do not have depression can be appropriately diagnosed.This study obtained 91%and 92%accuracy through the Random Forest(RF)and Extra Tree Classifier.But after applying the Receiver operating characteristic(ROC)curve,79%accuracy was found on top of RF,81%found on Extra Tree,and 82%recorded for the eXtreme Gradient Boosting(XGBoost)algorithm.Besides,several factors are identified in terms of predicting depression through statistical data analysis.Though the additional effort is needed to develop a more accurate model,this model can be adjustable in the healthcare sector for diagnosing depression.展开更多
Sensors and physical activity evaluation are quite limited for motionbased commercial devices.Sometimes the accelerometer of the smartwatch is utilized;walking is investigated.The combination can perform better in ter...Sensors and physical activity evaluation are quite limited for motionbased commercial devices.Sometimes the accelerometer of the smartwatch is utilized;walking is investigated.The combination can perform better in terms of sensors and that can be determined by sensors on both the smartwatch and phones,i.e.,accelerometer and gyroscope.For biometric efficiency,some of the diverse activities of daily routine have been evaluated,also with biometric authentication.The result shows that using the different computing techniques in phones and watch for biometric can provide a suitable output based on the mentioned activities.This indicates that the high feasibility and results of continuous biometrics analysis in terms of average daily routine activities.In this research,the set of rules with the real-valued attributes are evolved with the use of a genetic algorithm.With the help of real value genes,the real value attributes cab be encoded,and presentation of new methods which are represents not to cares in the rules.The rule sets which help in maximizing the number of accurate classifications of inputs and supervise classifications are viewed as an optimization problem.The use of Pitt approach to the ML(Machine Learning)and Genetic based system that includes a resolution mechanism among rules that are competing within the same rule sets is utilized.This enhances the efficiency of the overall system,as shown in the research.展开更多
Low back pain(LBP)is a morbid condition that has afflicted several citizens in Europe.It has negatively impacted the European economy due to several man-days lost,with bed rest and forced inactivity being the usual LB...Low back pain(LBP)is a morbid condition that has afflicted several citizens in Europe.It has negatively impacted the European economy due to several man-days lost,with bed rest and forced inactivity being the usual LBP care and management steps.Direct models,which incorporate various regression analyses,have been executed for the investigation of this premise due to the simplicity of translation.However,such straight models fail to completely consider the impact of association brought about by a mix of nonlinear connections and autonomous factors.In this paper,we discuss a system that aids decision-making regarding the best-suited support system for LBP,allowing the individual to avail of reinforcement and improvement in its self-management.These activities are monitored with the help of a wearable sensor that helps in their detection and their classification as those that soothe or aggravate LBP and hence,should or should not be performed.This system helps the patients set their own boundaries and milestones with respect to suitable activities.This system also does windowing and feature extraction.The present study is an empirical and comparative analysis of the most suitable activities that patients suffering from low back pain can select.The evaluation shows that the system can distinguish between nine common daily activities effectively and helps self-monitor these activities for the efficient management of LBP.展开更多
Cyber Threat Intelligence(CTI)has gained massive attention to collect hidden knowledge for a better understanding of the various cyber-attacks and eventually paving the way for predicting the future of such attacks.Th...Cyber Threat Intelligence(CTI)has gained massive attention to collect hidden knowledge for a better understanding of the various cyber-attacks and eventually paving the way for predicting the future of such attacks.The information exchange and collaborative sharing through different platforms have a significant contribution towards a global solution.While CTI and the information exchange can help a lot in focusing and prioritizing on the use of the large volume of complex information among different organizations,there exists a great challenge ineffective processing of large count of different Indicators of Threat(IoT)which appear regularly,and that can be solved only through a collaborative approach.Collaborative approach and intelligence sharing have become the mandatory element in the entire world of processing the threats.In order to covet the complete needs of having a definite standard of information exchange,various initiatives have been taken in means of threat information sharing platforms like MISP and formats such as SITX.This paper proposes a scoring model to address information decay,which is shared within TISP.The scoring model is implemented,taking the use case of detecting the Threat Indicators in a phishing data network.The proposed method calculates the rate of decay of an attribute through which the early entries are removed.展开更多
Today,security is a major challenge linked with computer network companies that cannot defend against cyber-attacks.Numerous vulnerable factors increase security risks and cyber-attacks,including viruses,the internet,...Today,security is a major challenge linked with computer network companies that cannot defend against cyber-attacks.Numerous vulnerable factors increase security risks and cyber-attacks,including viruses,the internet,communications,and hackers.Internets of Things(IoT)devices are more effective,and the number of devices connected to the internet is constantly increasing,and governments and businesses are also using these technologies to perform business activities effectively.However,the increasing uses of technologies also increase risks,such as password attacks,social engineering,and phishing attacks.Humans play a major role in the field of cybersecurity.It is observed that more than 39%of security risks are related to the human factor,and 95%of successful cyber-attacks are caused by human error,with most of them being insider threats.The major human factor issue in cybersecurity is a lack of user awareness of cyber threats.This study focuses on the human factor by surveying the vulnerabilities and reducing the risk by focusing on human nature and reacting to different situations.This study highlighted that most of the participants are not experienced with cybersecurity threats and how to protect their personal information.Moreover,the lack of awareness of the top three vulnerabilities related to the human factor in cybersecurity,such as phishing attacks,passwords,attacks,and social engineering,are major problems that need to be addressed and reduced through proper awareness and training.展开更多
Web applications have become a widely accepted method to support the internet for the past decade.Since they have been successfully installed in the business activities and there is a requirement of advanced functiona...Web applications have become a widely accepted method to support the internet for the past decade.Since they have been successfully installed in the business activities and there is a requirement of advanced functionalities,the configuration is growing and becoming more complicated.The growing demand and complexity also make these web applications a preferred target for intruders on the internet.Even with the support of security specialists,they remain highly problematic for the complexity of penetration and code reviewing methods.It requires considering different testing patterns in both codes reviewing and penetration testing.As a result,the number of hacked websites is increasing day by day.Most of these vulnerabilities also occur due to incorrect input validation and lack of result validation for lousy programming practices or coding errors.Vulnerability scanners for web applications can detect a few vulnerabilities in a dynamic approach.These are quite easy to use;however,these often miss out on some of the unique critical vulnerabilities in a different and static approach.Although these are time-consuming,they can find complex vulnerabilities and improve developer knowledge in coding and best practices.Many scanners choose both dynamic and static approaches,and the developers can select them based on their requirements and conditions.This research explores and provides details of SQL injection,operating system command injection,path traversal,and cross-site scripting vulnerabilities through dynamic and static approaches.It also examines various security measures in web applications and selected five tools based on their features for scanning PHP,and JAVA code focuses on SQL injection,cross-site scripting,Path Traversal,operating system command.Moreover,this research discusses the approach of a cyber-security tester or a security developer finding out vulnerabilities through dynamic and static approaches using manual and automated web vulnerability scanners.展开更多
基金the Deanship of Scientific research at Majmaah University for the funding this work under Project No.(RGP-2019-26).
文摘Software development is getting a transition from centralized version control systems(CVCSs)like Subversion to decentralized version control systems(DVCDs)like Git due to lesser efficiency of former in terms of branching,fusion,time,space,merging,offline commits&builds and repository,etc.Git is having a share of 77%of total VCS,followed by Subversion with a share of 13.5%.The majority of software industries are getting a migration from Subversion to Git.Only a few migration tools are available in the software industry.Still,these too lack in many features like lack of identifying the empty directories as premigration check,failover capabilities during migration due to network failure or disk space issue,and detailed report generation as post-migration steps.In this work,a holistic,proactive and novel approach has been presented for pre/during/post-migration validation from Subversion to Git.Many scripts have been developed and executed run-time over various projects for overcoming the limitations of existing migration software tools for a Subversion to Git migration.During premigration,none of the available migration tools has the capability to fetch empty directories of Subversion,which results in an incomplete migration from Subversion to Git.Many Scripts have been developed and executed for pre-migration validation and migration preparation,which overcomes the problem of incomplete migration.Experimentation was conducted in SRLC Software Research Lab,Chicago,USA.During the migration process,in case of loss of network connection or due to any other reason,if migration stops or breaks,available migration tools do not have capabilities to start over from the same point where it left.Various Scripts have been developed and executed to keep the migration revision history in the cache(elastic cache)to start from the same point where it was left due to connection failure.During post-migration,none of the available version control migration tools generate a detailed report giving information about the total size of source Subversion repositories, the total volume of data migrated todestination repositories in Git, total number of pools migrated, time taken formigration, number of Subversion users with email notification, etc. VariousScripts have been developed and executed for the above purpose during thepost-migration process.
文摘Diabetes Mellitus is one of the most severe diseases,and many studies have been conducted to anticipate diabetes.This research aimed to develop an intelligent mobile application based on machine learning to determine the diabetic,pre-diabetic,or non-diabetic without the assistance of any physician or medical tests.This study’s methodology was classified into two the Diabetes Prediction Approach and the Proposed System Architecture Design.The Diabetes Prediction Approach uses a novel approach,Light Gradient Boosting Machine(LightGBM),to ensure a faster diagnosis.The Proposed System ArchitectureDesign has been combined into sevenmodules;the Answering Question Module is a natural language processing Chabot that can answer all kinds of questions related to diabetes.The Doctor Consultation Module ensures free treatment related to diabetes.In this research,90%accuracy was obtained by performing K-fold cross-validation on top of the K nearest neighbor’s algorithm(KNN)&LightGBM.To evaluate the model’s performance,Receiver Operating Characteristics(ROC)Curve and Area under the ROC Curve(AUC)were applied with a value of 0.948 and 0.936,respectively.This manuscript presents some exploratory data analysis,including a correlation matrix and survey report.Moreover,the proposed solution can be adjustable in the daily activities of a diabetic patient.
基金The author would like to thank the Deanship of Scientific Research at Majmaah University for supporting this work under Project No.R-2021-131.
文摘The recent unprecedented threat from COVID-19 and past epidemics,such as SARS,AIDS,and Ebola,has affected millions of people in multiple countries.Countries have shut their borders,and their nationals have been advised to self-quarantine.The variety of responses to the pandemic has given rise to data privacy concerns.Infection prevention and control strategies as well as disease control measures,especially real-time contact tracing for COVID-19,require the identification of people exposed to COVID-19.Such tracing frameworks use mobile apps and geolocations to trace individuals.However,while the motive may be well intended,the limitations and security issues associated with using such a technology are a serious cause of concern.There are growing concerns regarding the privacy of an individual’s location and personal identifiable information(PII)being shared with governments and/or health agencies.This study presents a real-time,trust-based contact-tracing framework that operateswithout the use of an individual’sPII,location sensing,or gathering GPS logs.The focus of the proposed contact tracing framework is to ensure real-time privacy using the Bluetooth range of individuals to determine others within the range.The research validates the trust-based framework using Bluetooth as practical and privacy-aware.Using our proposed methodology,personal information,health logs,and location data will be secure and not abused.This research analyzes 100,000 tracing dataset records from 150 mobile devices to identify infected users and active users.
基金The authors would like to thank the Deanship of Scientific Research at Majmaah University for supporting this work under Project Number No-R-2021-137.
文摘Smart Grid is a power grid that improves flexibility,reliability,and efficiency through smart meters.Due to extensive data exchange over the Internet,the smart grid faces many security challenges that have led to data loss,data compromise,and high power consumption.Moreover,the lack of hardware protection and physical attacks reduce the overall performance of the smart grid network.We proposed the BLIDSE model(Blockchain-based secure quantum key distribution and Intrusion Detection System in Edge Enables Smart Grid Network)to address these issues.The proposed model includes five phases:The first phase is blockchain-based secure user authentication,where all smart meters are first registered in the blockchain,and then the blockchain generates a secret key.The blockchain verifies the user ID and the secret key during authentication matches the one authorized to access the network.The secret key is shared during transmission through secure quantum key distribution(SQKD).The second phase is the lightweight data encryption,for which we use a lightweight symmetric encryption algorithm,named Camellia.The third phase is the multi-constraint-based edge selection;the data are transmitted to the control center through the edge server,which is also authenticated by blockchain to enhance the security during the data transmission.We proposed a perfect matching algorithm for selecting the optimal edge.The fourth phase is a dual intrusion detection system which acts as a firewall used to drop irrelevant packets,and data packets are classified into normal,physical errors and attacks,which is done by Double DeepQNetwork(DDQN).The last phase is optimal user privacy management.In this phase,smartmeter updates and revocations are done,forwhichwe proposed Forensic based Investigation Optimization(FBI),which improves the security of the smart grid network.The simulation is performed using network simulator NS3.26,which evaluates the performance in terms of computational complexity,accuracy,false detection,and false alarm rate.The proposed BLIDSE model effectively mitigates cyber-attacks,thereby contributing to improved security in the network.
文摘Depression is a crippling affliction and affects millions of individuals around the world.In general,the physicians screen patients for mental health disorders on a regular basis and treat patients in collaboration with psychologists and other mental health experts,which results in lower costs and improved patient outcomes.However,this strategy can necessitate a lot of buy-in from a large number of people,as well as additional training and logistical considerations.Thus,utilizing the machine learning algorithms,patients with depression based on information generally present in a medical file were analyzed and predicted.The methodology of this proposed study is divided into six parts:Proposed Research Architecture(PRA),Data Pre-processing Approach(DPA),Research Hypothesis Testing(RHT),Concentrated Algorithm Pipeline(CAP),Loss Optimization Stratagem(LOS),and Model Deployment Architecture(MDA).The Null Hypothesis and Alternative Hypothesis are applied to test the RHT.In addition,Ensemble Learning Approach(ELA)and Frequent Model Retraining(FMR)have been utilized for optimizing the loss function.Besides,the Features Importance Interpretation is also delineated in this research.These forecasts could help individuals connect with expert mental health specialists more quickly and easily.According to the findings,71%of people with depression and 80%of those who do not have depression can be appropriately diagnosed.This study obtained 91%and 92%accuracy through the Random Forest(RF)and Extra Tree Classifier.But after applying the Receiver operating characteristic(ROC)curve,79%accuracy was found on top of RF,81%found on Extra Tree,and 82%recorded for the eXtreme Gradient Boosting(XGBoost)algorithm.Besides,several factors are identified in terms of predicting depression through statistical data analysis.Though the additional effort is needed to develop a more accurate model,this model can be adjustable in the healthcare sector for diagnosing depression.
基金Deanship of Scientific Research at Majmaah University for supporting this work under Project Number No.RGP-2019-26.
文摘Sensors and physical activity evaluation are quite limited for motionbased commercial devices.Sometimes the accelerometer of the smartwatch is utilized;walking is investigated.The combination can perform better in terms of sensors and that can be determined by sensors on both the smartwatch and phones,i.e.,accelerometer and gyroscope.For biometric efficiency,some of the diverse activities of daily routine have been evaluated,also with biometric authentication.The result shows that using the different computing techniques in phones and watch for biometric can provide a suitable output based on the mentioned activities.This indicates that the high feasibility and results of continuous biometrics analysis in terms of average daily routine activities.In this research,the set of rules with the real-valued attributes are evolved with the use of a genetic algorithm.With the help of real value genes,the real value attributes cab be encoded,and presentation of new methods which are represents not to cares in the rules.The rule sets which help in maximizing the number of accurate classifications of inputs and supervise classifications are viewed as an optimization problem.The use of Pitt approach to the ML(Machine Learning)and Genetic based system that includes a resolution mechanism among rules that are competing within the same rule sets is utilized.This enhances the efficiency of the overall system,as shown in the research.
基金the Deanship of Scientific research atMajmaah University for funding this work under project No.RGP-2019-26.
文摘Low back pain(LBP)is a morbid condition that has afflicted several citizens in Europe.It has negatively impacted the European economy due to several man-days lost,with bed rest and forced inactivity being the usual LBP care and management steps.Direct models,which incorporate various regression analyses,have been executed for the investigation of this premise due to the simplicity of translation.However,such straight models fail to completely consider the impact of association brought about by a mix of nonlinear connections and autonomous factors.In this paper,we discuss a system that aids decision-making regarding the best-suited support system for LBP,allowing the individual to avail of reinforcement and improvement in its self-management.These activities are monitored with the help of a wearable sensor that helps in their detection and their classification as those that soothe or aggravate LBP and hence,should or should not be performed.This system helps the patients set their own boundaries and milestones with respect to suitable activities.This system also does windowing and feature extraction.The present study is an empirical and comparative analysis of the most suitable activities that patients suffering from low back pain can select.The evaluation shows that the system can distinguish between nine common daily activities effectively and helps self-monitor these activities for the efficient management of LBP.
基金The author extends their appreciation to the Deanship of Scientific research at Majmaah University for the funding this work under Project No.1439-48.
文摘Cyber Threat Intelligence(CTI)has gained massive attention to collect hidden knowledge for a better understanding of the various cyber-attacks and eventually paving the way for predicting the future of such attacks.The information exchange and collaborative sharing through different platforms have a significant contribution towards a global solution.While CTI and the information exchange can help a lot in focusing and prioritizing on the use of the large volume of complex information among different organizations,there exists a great challenge ineffective processing of large count of different Indicators of Threat(IoT)which appear regularly,and that can be solved only through a collaborative approach.Collaborative approach and intelligence sharing have become the mandatory element in the entire world of processing the threats.In order to covet the complete needs of having a definite standard of information exchange,various initiatives have been taken in means of threat information sharing platforms like MISP and formats such as SITX.This paper proposes a scoring model to address information decay,which is shared within TISP.The scoring model is implemented,taking the use case of detecting the Threat Indicators in a phishing data network.The proposed method calculates the rate of decay of an attribute through which the early entries are removed.
基金the Deanship of Scientific Research at Majmaah University for supporting this work under Project Number No-R-14xx-4x.
文摘Today,security is a major challenge linked with computer network companies that cannot defend against cyber-attacks.Numerous vulnerable factors increase security risks and cyber-attacks,including viruses,the internet,communications,and hackers.Internets of Things(IoT)devices are more effective,and the number of devices connected to the internet is constantly increasing,and governments and businesses are also using these technologies to perform business activities effectively.However,the increasing uses of technologies also increase risks,such as password attacks,social engineering,and phishing attacks.Humans play a major role in the field of cybersecurity.It is observed that more than 39%of security risks are related to the human factor,and 95%of successful cyber-attacks are caused by human error,with most of them being insider threats.The major human factor issue in cybersecurity is a lack of user awareness of cyber threats.This study focuses on the human factor by surveying the vulnerabilities and reducing the risk by focusing on human nature and reacting to different situations.This study highlighted that most of the participants are not experienced with cybersecurity threats and how to protect their personal information.Moreover,the lack of awareness of the top three vulnerabilities related to the human factor in cybersecurity,such as phishing attacks,passwords,attacks,and social engineering,are major problems that need to be addressed and reduced through proper awareness and training.
基金The author swould like to thank the Deanship of Scientific Research at Majmaah University for supporting this work under Project Number No-R-14xx-4x.
文摘Web applications have become a widely accepted method to support the internet for the past decade.Since they have been successfully installed in the business activities and there is a requirement of advanced functionalities,the configuration is growing and becoming more complicated.The growing demand and complexity also make these web applications a preferred target for intruders on the internet.Even with the support of security specialists,they remain highly problematic for the complexity of penetration and code reviewing methods.It requires considering different testing patterns in both codes reviewing and penetration testing.As a result,the number of hacked websites is increasing day by day.Most of these vulnerabilities also occur due to incorrect input validation and lack of result validation for lousy programming practices or coding errors.Vulnerability scanners for web applications can detect a few vulnerabilities in a dynamic approach.These are quite easy to use;however,these often miss out on some of the unique critical vulnerabilities in a different and static approach.Although these are time-consuming,they can find complex vulnerabilities and improve developer knowledge in coding and best practices.Many scanners choose both dynamic and static approaches,and the developers can select them based on their requirements and conditions.This research explores and provides details of SQL injection,operating system command injection,path traversal,and cross-site scripting vulnerabilities through dynamic and static approaches.It also examines various security measures in web applications and selected five tools based on their features for scanning PHP,and JAVA code focuses on SQL injection,cross-site scripting,Path Traversal,operating system command.Moreover,this research discusses the approach of a cyber-security tester or a security developer finding out vulnerabilities through dynamic and static approaches using manual and automated web vulnerability scanners.
