Home / Advanced Search

  • Title/Keywords

  • Author/Affliations

  • Journal

  • Article Type

  • Start Year

  • End Year

Update SearchingClear
  • Articles
  • Online
Search Results (8)
  • Open Access

    ARTICLE

    Software Vulnerability Mining and Analysis Based on Deep Learning

    Shibin Zhao*, Junhu Zhu, Jianshan Peng

    CMC-Computers, Materials & Continua, Vol.80, No.2, pp. 3263-3287, 2024, DOI:10.32604/cmc.2024.041949 - 15 August 2024

    Abstract In recent years, the rapid development of computer software has led to numerous security problems, particularly software vulnerabilities. These flaws can cause significant harm to users’ privacy and property. Current security defect detection technology relies on manual or professional reasoning, leading to missed detection and high false detection rates. Artificial intelligence technology has led to the development of neural network models based on machine learning or deep learning to intelligently mine holes, reducing missed alarms and false alarms. So, this project aims to study Java source code defect detection methods for defects like null pointer… More >

  • Open Access

    ARTICLE

    FFRA: A Fine-Grained Function-Level Framework to Reduce the Attack Surface

    Xingxing Zhang1, Liang Liu1,*, Yu Fan1, Qian Zhou2

    Computer Systems Science and Engineering, Vol.48, No.4, pp. 969-987, 2024, DOI:10.32604/csse.2024.046615 - 17 July 2024

    Abstract System calls are essential interfaces that enable applications to access and utilize the operating system’s services and resources. Attackers frequently exploit application’s vulnerabilities and misuse system calls to execute malicious code, aiming to elevate privileges and so on. Consequently, restricting the misuse of system calls becomes a crucial measure in ensuring system security. It is an effective method known as reducing the attack surface. Existing attack surface reduction techniques construct a global whitelist of system calls for the entire lifetime of the application, which is coarse-grained. In this paper, we propose a Fine-grained Function-level framework… More >

  • Open Access

    REVIEW

    Fuzzing: Progress, Challenges, and Perspectives

    Zhenhua Yu1, Zhengqi Liu1, Xuya Cong1,*, Xiaobo Li2, Li Yin3

    CMC-Computers, Materials & Continua, Vol.78, No.1, pp. 1-29, 2024, DOI:10.32604/cmc.2023.042361 - 30 January 2024

    Abstract As one of the most effective techniques for finding software vulnerabilities, fuzzing has become a hot topic in software security. It feeds potentially syntactically or semantically malformed test data to a target program to mine vulnerabilities and crash the system. In recent years, considerable efforts have been dedicated by researchers and practitioners towards improving fuzzing, so there are more and more methods and forms, which make it difficult to have a comprehensive understanding of the technique. This paper conducts a thorough survey of fuzzing, focusing on its general process, classification, common application scenarios, and some More >

  • Open Access

    ARTICLE

    Selecting Best Software Vulnerability Scanner Using Intuitionistic Fuzzy Set TOPSIS

    Navneet Bhatt1, Jasmine Kaur2, Adarsh Anand2, Omar H. Alhazmi3,*

    CMC-Computers, Materials & Continua, Vol.72, No.2, pp. 3613-3629, 2022, DOI:10.32604/cmc.2022.026554 - 29 March 2022

    Abstract Software developers endeavor to build their products with the least number of bugs. Despite this, many vulnerabilities are detected in software that threatens its integrity. Various automated software i.e., vulnerability scanners, are available in the market which helps detect and manage vulnerabilities in a computer, application, or a network. Hence, the choice of an appropriate vulnerability scanner is crucial to ensure efficient vulnerability management. The current work serves a dual purpose, first, to identify the key factors which affect the vulnerability discovery process in a network. The second, is to rank the popular vulnerability scanners… More >

  • Open Access

    ARTICLE

    Evaluating the Impacts of Security-Durability Characteristic: Data Science Perspective

    Abdullah Alharbi1, Masood Ahmad2, Wael Alosaimi1, Hashem Alyami3, Alka Agrawal2, Rajeev Kumar4,*, Abdul Wahid5, Raees Ahmad Khan2

    Computer Systems Science and Engineering, Vol.41, No.2, pp. 557-567, 2022, DOI:10.32604/csse.2022.020843 - 25 October 2021

    Abstract Security has always been a vital research topic since the birth of web application. A great deal of research has been conducted to determine the ways of identifying and classifying security issues or goals However, in the recent years, it has been noticed that high secure web applications have less durability; thus reducing their business continuity. High security features of a web application are worthless unless they provide effective services to the user and meet the standards of commercial viability. Hence, there is a need to bridge the gap between security and durability of the… More >

  • Open Access

    ARTICLE

    Analyzing the Data of Software Security Life-Span: Quantum Computing Era

    Hashem Alyami1, Mohd Nadeem2, Wael Alosaimi3, Abdullah Alharbi3, Rajeev Kumar4,*, Bineet Kumar Gupta4, Alka Agrawal2, Raees Ahmad Khan2

    Intelligent Automation & Soft Computing, Vol.31, No.2, pp. 707-716, 2022, DOI:10.32604/iasc.2022.020780 - 22 September 2021

    Abstract Software or web application security is the main objective in the era of Information Technology (IT) and Artificial Intelligence (AI). Distinguishing proof of security at the initial stage produces significant results to comprehend the administration of security relics for best potential outcomes. A security alternative gives several methods and algorithms to ensure the software security. Security estimation is the vital factor in assessing, administrating, controlling security to improve the nature of security. It is to be realized that assessment of security at early stage of development helps in identifying distinctive worms, dangers, weaknesses and threats.… More >

  • Open Access

    ARTICLE

    Managing Software Security Risks through an Integrated Computational Method

    Abdullah Alharbi1, Wael Alosaimi1, Hashem Alyami2, Mohd Nadeem3, Mohd Faizan3, Alka Agrawal3, Rajeev Kumar3,4,*, Raees Ahmad Khan3

    Intelligent Automation & Soft Computing, Vol.28, No.1, pp. 179-194, 2021, DOI:10.32604/iasc.2021.016646 - 17 March 2021

    Abstract Security risk evaluation of web-based healthcare applications is important from a design perspective. The developers as well as the users need to make sure that the applications must be secure. Citing the disastrous effects of unsecured web applications, Accuntix Online states that the IT industry has lost millions of dollars due to security theft and malware attacks. Protecting the integrity of patients’ health data is of utmost importance. Thus, assessing the security risk of web-based healthcare applications should be accorded the highest priority while developing the web applications. To fulfill the security requirements, the developers must… More >

  • Open Access

    ARTICLE

    Evaluating the Impact of Software Security Tactics: A Design Perspective

    Mamdouh Alenezi1, Abhishek Kumar Pandey2, Richa Verma3, Mohd Faizan2, Shalini Chandra3, Alka Agrawal2, Rajeev Kumar2,4,*, Raees Ahmad Khan2

    CMC-Computers, Materials & Continua, Vol.66, No.3, pp. 2283-2299, 2021, DOI:10.32604/cmc.2021.013579 - 28 December 2020

    Abstract Design architecture is the edifice that strengthens the functionalities as well as the security of web applications. In order to facilitate architectural security from the web application’s design phase itself, practitioners are now adopting the novel mechanism of security tactics. With the intent to conduct a research from the perspective of security tactics, the present study employs a hybrid multi-criteria decision-making approach named fuzzy analytic hierarchy process-technique for order preference by similarity ideal solution (AHP-TOPSIS) method for selecting and assessing multi-criteria decisions. The adopted methodology is a blend of fuzzy analytic hierarchy process (fuzzy AHP)… More >

Displaying 1-10 on page 1 of 8. Per Page