Malware attacks on Windows machines pose significant cybersecurity threats,necessitating effective detection and prevention mechanisms.Supervised machine learning classifiers have emerged as promising tools for malwar...Malware attacks on Windows machines pose significant cybersecurity threats,necessitating effective detection and prevention mechanisms.Supervised machine learning classifiers have emerged as promising tools for malware detection.However,there remains a need for comprehensive studies that compare the performance of different classifiers specifically for Windows malware detection.Addressing this gap can provide valuable insights for enhancing cybersecurity strategies.While numerous studies have explored malware detection using machine learning techniques,there is a lack of systematic comparison of supervised classifiers for Windows malware detection.Understanding the relative effectiveness of these classifiers can inform the selection of optimal detection methods and improve overall security measures.This study aims to bridge the research gap by conducting a comparative analysis of supervised machine learning classifiers for detecting malware on Windows systems.The objectives include Investigating the performance of various classifiers,such as Gaussian Naïve Bayes,K Nearest Neighbors(KNN),Stochastic Gradient Descent Classifier(SGDC),and Decision Tree,in detecting Windows malware.Evaluating the accuracy,efficiency,and suitability of each classifier for real-world malware detection scenarios.Identifying the strengths and limitations of different classifiers to provide insights for cybersecurity practitioners and researchers.Offering recommendations for selecting the most effective classifier for Windows malware detection based on empirical evidence.The study employs a structured methodology consisting of several phases:exploratory data analysis,data preprocessing,model training,and evaluation.Exploratory data analysis involves understanding the dataset’s characteristics and identifying preprocessing requirements.Data preprocessing includes cleaning,feature encoding,dimensionality reduction,and optimization to prepare the data for training.Model training utilizes various supervised classifiers,and their performance is evaluated using metrics such as accuracy,precision,recall,and F1 score.The study’s outcomes comprise a comparative analysis of supervised machine learning classifiers for Windows malware detection.Results reveal the effectiveness and efficiency of each classifier in detecting different types of malware.Additionally,insights into their strengths and limitations provide practical guidance for enhancing cybersecurity defenses.Overall,this research contributes to advancing malware detection techniques and bolstering the security posture of Windows systems against evolving cyber threats.展开更多
Most of the security strategies today are primarily designed to provide security protection,rather than to solve one of the basic security issues related to adequate software product architecture.Several models,framew...Most of the security strategies today are primarily designed to provide security protection,rather than to solve one of the basic security issues related to adequate software product architecture.Several models,frameworks and methodologies have been introduced by the researchers for a secure and sustainable software development life cycle.Therefore it is important to assess the usability of the popular security requirements engineering(SRE)approaches.A significant factor in the management and handling of successful security requirements is the assessment of security requirements engineering method performance.This assessment will allow changes to the engineering process of security requirements.The consistency of security requirements depends heavily on the usability of security requirements engineering.Several SRE approaches are available for use and each approach takes into account several factors of usability but does not cover every element of usability.There seems to be no realistic implementation of such models because the concept of usability is not specific.This paper aims at specifying the different taxonomy of usability and design hierarchical usability model.The taxonomy takes into account the common quality assessment parameters that combine variables,attributes,and characteristics identified in different approaches used for security requirements engineering.The multiple-criteria decision-making(MCDM)model used in this paper for usability evaluation is called the fuzzy AHP-TOPSIS model which can conveniently be incorporated into the current approach of software engineering.Five significant usability criteria are identified and used to evaluate the six different alternatives.Such strategies are graded as per their expected values of usability.展开更多
Blockchain technology has revolutionized conventional trade.The success of blockchain can be attributed to its distributed ledger characteristic,which secures every record inside the ledger using cryptography rules,ma...Blockchain technology has revolutionized conventional trade.The success of blockchain can be attributed to its distributed ledger characteristic,which secures every record inside the ledger using cryptography rules,making it more reliable,secure,and tamper-proof.This is evident by the significant impact that the use of this technology has had on people connected to digital spaces in the present-day context.Furthermore,it has been proven that blockchain technology is evolving from new perspectives and that it provides an effective mechanism for the intelligent transportation system infrastructure.To realize the full potential of the accurate and efficacious use of blockchain in the transportation sector,it is essential to understand the most effective mechanisms of this technology and identify the most useful one.As a result,the present work offers a priority-based methodology that would be a useful reference for security experts in managing blockchain technology and its models.The study uses the hesitant fuzzy analytical hierarchy process for prioritizing the different blockchain models.Based on the findings of actual performance,alternative solution A1 which is Private Blockchain model has an extremely high level of security satisfaction.The accuracy of the results has been tested using the hesitant fuzzy technique for order of preference by similarity to the ideal solution procedure.The study also uses guidelines from security researchers working in this domain.展开更多
Usually, the security requirements are addressed by abstracting the security problems arising in a specific context and providing a well proven solution to them. Security patterns incorporating proven security experti...Usually, the security requirements are addressed by abstracting the security problems arising in a specific context and providing a well proven solution to them. Security patterns incorporating proven security expertise solution to the recurring security problems have been widely accepted by the community of security engineering. The fllndamental challenge for using security patterns to satisfy security requirements is the lack of defined syntax, which makes it impossible to ask meaningful questions and get semantically meaningful answers. Therefore, this paper presents an ontological approach to facilitating security knowledge mapping from security requirements to their corresponding solutions security patterns. Ontologies have been developed using Web Ontology Language (OWL) and then incorporated into a security pattern search engine which enables sophisticated search and retrieval of security patterns using the proposed algorithm. Applying the introduced approach allows security novices to reuse security expertise to develop secure software system.展开更多
基金This researchwork is supported by Princess Nourah bint Abdulrahman University Researchers Supporting Project Number(PNURSP2024R411),Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.
文摘Malware attacks on Windows machines pose significant cybersecurity threats,necessitating effective detection and prevention mechanisms.Supervised machine learning classifiers have emerged as promising tools for malware detection.However,there remains a need for comprehensive studies that compare the performance of different classifiers specifically for Windows malware detection.Addressing this gap can provide valuable insights for enhancing cybersecurity strategies.While numerous studies have explored malware detection using machine learning techniques,there is a lack of systematic comparison of supervised classifiers for Windows malware detection.Understanding the relative effectiveness of these classifiers can inform the selection of optimal detection methods and improve overall security measures.This study aims to bridge the research gap by conducting a comparative analysis of supervised machine learning classifiers for detecting malware on Windows systems.The objectives include Investigating the performance of various classifiers,such as Gaussian Naïve Bayes,K Nearest Neighbors(KNN),Stochastic Gradient Descent Classifier(SGDC),and Decision Tree,in detecting Windows malware.Evaluating the accuracy,efficiency,and suitability of each classifier for real-world malware detection scenarios.Identifying the strengths and limitations of different classifiers to provide insights for cybersecurity practitioners and researchers.Offering recommendations for selecting the most effective classifier for Windows malware detection based on empirical evidence.The study employs a structured methodology consisting of several phases:exploratory data analysis,data preprocessing,model training,and evaluation.Exploratory data analysis involves understanding the dataset’s characteristics and identifying preprocessing requirements.Data preprocessing includes cleaning,feature encoding,dimensionality reduction,and optimization to prepare the data for training.Model training utilizes various supervised classifiers,and their performance is evaluated using metrics such as accuracy,precision,recall,and F1 score.The study’s outcomes comprise a comparative analysis of supervised machine learning classifiers for Windows malware detection.Results reveal the effectiveness and efficiency of each classifier in detecting different types of malware.Additionally,insights into their strengths and limitations provide practical guidance for enhancing cybersecurity defenses.Overall,this research contributes to advancing malware detection techniques and bolstering the security posture of Windows systems against evolving cyber threats.
基金Funding for this study is received from the Ministry of Education and Deanship of Scientific Research at King Abdulaziz University,Kingdom of Saudi Arabia under Grant No.IFPHI-269-611-2020.
文摘Most of the security strategies today are primarily designed to provide security protection,rather than to solve one of the basic security issues related to adequate software product architecture.Several models,frameworks and methodologies have been introduced by the researchers for a secure and sustainable software development life cycle.Therefore it is important to assess the usability of the popular security requirements engineering(SRE)approaches.A significant factor in the management and handling of successful security requirements is the assessment of security requirements engineering method performance.This assessment will allow changes to the engineering process of security requirements.The consistency of security requirements depends heavily on the usability of security requirements engineering.Several SRE approaches are available for use and each approach takes into account several factors of usability but does not cover every element of usability.There seems to be no realistic implementation of such models because the concept of usability is not specific.This paper aims at specifying the different taxonomy of usability and design hierarchical usability model.The taxonomy takes into account the common quality assessment parameters that combine variables,attributes,and characteristics identified in different approaches used for security requirements engineering.The multiple-criteria decision-making(MCDM)model used in this paper for usability evaluation is called the fuzzy AHP-TOPSIS model which can conveniently be incorporated into the current approach of software engineering.Five significant usability criteria are identified and used to evaluate the six different alternatives.Such strategies are graded as per their expected values of usability.
文摘Blockchain technology has revolutionized conventional trade.The success of blockchain can be attributed to its distributed ledger characteristic,which secures every record inside the ledger using cryptography rules,making it more reliable,secure,and tamper-proof.This is evident by the significant impact that the use of this technology has had on people connected to digital spaces in the present-day context.Furthermore,it has been proven that blockchain technology is evolving from new perspectives and that it provides an effective mechanism for the intelligent transportation system infrastructure.To realize the full potential of the accurate and efficacious use of blockchain in the transportation sector,it is essential to understand the most effective mechanisms of this technology and identify the most useful one.As a result,the present work offers a priority-based methodology that would be a useful reference for security experts in managing blockchain technology and its models.The study uses the hesitant fuzzy analytical hierarchy process for prioritizing the different blockchain models.Based on the findings of actual performance,alternative solution A1 which is Private Blockchain model has an extremely high level of security satisfaction.The accuracy of the results has been tested using the hesitant fuzzy technique for order of preference by similarity to the ideal solution procedure.The study also uses guidelines from security researchers working in this domain.
基金supported by Research Project of Education department of Liaoning Province(No.L2013156)National Scholarship(No.201208210386)Key Industry Problem Plan of Liaoning Province(No.2012219001)
文摘Usually, the security requirements are addressed by abstracting the security problems arising in a specific context and providing a well proven solution to them. Security patterns incorporating proven security expertise solution to the recurring security problems have been widely accepted by the community of security engineering. The fllndamental challenge for using security patterns to satisfy security requirements is the lack of defined syntax, which makes it impossible to ask meaningful questions and get semantically meaningful answers. Therefore, this paper presents an ontological approach to facilitating security knowledge mapping from security requirements to their corresponding solutions security patterns. Ontologies have been developed using Web Ontology Language (OWL) and then incorporated into a security pattern search engine which enables sophisticated search and retrieval of security patterns using the proposed algorithm. Applying the introduced approach allows security novices to reuse security expertise to develop secure software system.