Funding: Deanship of Scientific Research at King Khalid University for funding this work through Large Group Research Project under Grant Number RGP2/249/44.
Abstract: Security testing is a critical concern for organizations worldwide due to the potential financial setbacks and damage to reputation caused by insecure software systems. One of the challenges in software security testing is test case prioritization, which aims to reduce redundancy in fault occurrences when executing test suites. By effectively applying test case prioritization, both the time and cost required for developing secure software can be reduced. This paper proposes a test case prioritization technique based on the Ant Colony Optimization (ACO) algorithm, a metaheuristic approach. The performance of the ACO-based technique is evaluated using the Average Percentage of Fault Detection (APFD) metric, comparing it with traditional techniques. It has been applied to a Mobile Payment Wallet application to validate the proposed approach. The results demonstrate that the proposed technique outperforms the traditional techniques in terms of the APFD metric. The ACO-based technique achieves an APFD of approximately 76%, two percent higher than the second-best optimal ordering technique. These findings suggest that metaheuristic-based prioritization techniques can effectively identify the best test cases, saving time and improving software security overall.
Abstract: Design architecture is the edifice that strengthens the functionalities as well as the security of web applications. In order to facilitate architectural security from the web application’s design phase itself, practitioners are now adopting the novel mechanism of security tactics. With the intent to conduct research from the perspective of security tactics, the present study employs a hybrid multi-criteria decision-making approach named fuzzy analytic hierarchy process-technique for order preference by similarity ideal solution (AHP-TOPSIS) method for selecting and assessing multi-criteria decisions. The adopted methodology is a blend of fuzzy analytic hierarchy process (fuzzy AHP) and fuzzy technique for order preference by similarity ideal solution (fuzzy TOPSIS). To establish the efficacy of this methodology, the results obtained after the evaluation have been tested on fifteen different web application projects (Online Quiz competition, Entrance Test, and others) of the Babasaheb Bhimrao Ambedkar University, Lucknow, India. The tabulated outcomes demonstrate that the methodology of the Multi-Level Fuzzy Hybrid system is highly effective in providing accurate estimation for strengthening the security of web applications. The proposed study will help experts and developers in developing and managing security from any web application design phase for better accuracy and higher security.
Funding: Supported by Taif University Researchers Supporting Project Number (TURSP-2020/231), Taif University, Taif, Saudi Arabia.
Abstract: The Tor dark web network has been reported to provide a breeding ground for criminals and fraudsters who are exploiting the vulnerabilities in the network to carry out illicit and unethical activities. The network has unfortunately become a means to perpetuate crimes like illegal drugs and firearm trafficking, violence and terrorist activities among others. The government and law enforcement agencies are working relentlessly to control the misuse of the Tor network. This is a study in a similar league, with an attempt to suggest a link-based ranking technique to rank and identify the influential hidden services in the Tor dark web. The proposed method considers the extent of connectivity to the surface web services and values of the centrality metrics of a hidden service in the web graph for ranking. The modified PageRank algorithm is used to obtain the overall rankings of the hidden services in the dataset. Several graph metrics were used to evaluate the effectiveness of the proposed technique with other commonly known ranking procedures in literature. The proposed ranking technique is shown to produce good results in identifying the influential domains in the Tor network.
Funding: Funding for this study is received from the Taif University Research Supporting Projects at Taif University, Kingdom of Saudi Arabia under Grant No. TURSP-2020/254.
Abstract: The ubiquitous nature of the internet has made it easier for criminals to carry out illegal activities online. The sale of illegal firearms and weaponry on dark web cryptomarkets is one such example of it. To aid the law enforcement agencies in curbing the illicit trade of firearms on cryptomarkets, this paper has proposed an automated technique employing ensemble machine learning models to detect the firearms listings on cryptomarkets. In this work, we have used part-of-speech (PoS) tagged features in conjunction with n-gram models to construct the feature set for the ensemble model. We studied the effectiveness of the proposed features in the performance of the classification model and the relative change in the dimensionality of the feature set. The experiments and evaluations are performed on the data belonging to the three popular cryptomarkets on the Tor dark web from a publicly available dataset. The prediction of the classification model can be utilized to identify the key vendors in the ecosystem of the illegal trade of firearms. This information can then be used by law enforcement agencies to bust firearm trafficking on the dark web.