A Novel Approach to Determine Software Security Level using Bayes Classifier via Static Code Metrics

2016 ◽  
Vol 22 (2) ◽  
Author(s):  
Guncel Sarıman ◽  
Ecir Ugur Kucuksille
2021 ◽  
Vol 1848 (1) ◽  
pp. 012133
Author(s):  
Shizhuang Yin ◽  
Quan Shi ◽  
Yadong Wang ◽  
Shuai Wang ◽  
Weiyi Wu

2010 ◽  
Vol 2010 ◽  
pp. 1-11 ◽  
Author(s):  
Stephanie Drzevitzky ◽  
Uwe Kastens ◽  
Marco Platzner

Dynamically reconfigurable hardware combines hardware performance with software-like flexibility and finds increasing use in networked systems. The capability to load hardware modules at runtime provides these systems with an unparalleled degree of adaptivity but at the same time poses new challenges for security and safety. In this paper, we elaborate on the presentation of proof carrying hardware (PCH) as a novel approach to reconfigurable system security. PCH takes a key concept from software security, known as proof-carrying code, into the reconfigurable hardware domain. We outline the PCH concept and discuss runtime combinational equivalence checking as a first online verification problem applying the concept. We present a prototype tool flow and experimental results demonstrating the feasibility and potential of the PCH approach.


Software security testing is essential to reveal the weaknesses in the security of the system. The security level of the software must be assessed properly and in a timely manner so that security breaches can be prevented from occurring; otherwise they harm the system. Security testing while designing the software is advantageous because it reduces the rework and expense required if the software is found insecure after implementation. Security testing can be achieved efficiently through a proper framework at the early stages of software development. Security can be checked at the initial level by taking inputs at the requirement phase and design phase so that loopholes can be found and the propagation of vulnerabilities can be prevented. At the requirement phase security requirements can be filtered, and then at the next phase design artifacts can be inspected for security errors. A metric is designed which will grade the software under test and state whether the system is secured at the proper level or not. In this paper a framework is proposed which is based on the metric, and the validation of the metric is done through Weyuker’s property.


Sensors ◽  
2020 ◽  
Vol 20 (7) ◽  
pp. 2039 ◽  
Author(s):  
Hwajeong Seo ◽  
Hyeokdong Kwon ◽  
Yongbeen Kwon ◽  
Kyungho Kim ◽  
Seungju Choi ◽  
...  

In this paper, we optimized Number Theoretic Transform (NTT) and random sampling operations on low-end 8-bit AVR microcontrollers. We focused on optimized modular multiplication with a secure countermeasure (i.e., constant timing), which ensures high performance and prevents timing attacks and simple power analysis. In particular, we presented combined Look-Up Table (LUT)-based fast reduction techniques in a regular fashion. This novel approach requires only two LUT accesses to perform the whole modular reduction routine. The implementation is carefully written in assembly language, which reduces the number of memory accesses and function call routines. With LUT-based optimization techniques, the proposed NTT implementations outperform the previous best results by 9.0% and 14.6% for 128-bit security level and 256-bit security level, respectively. Furthermore, we adopted the most optimized AES software implementation to improve the performance of pseudo random number generation for the random sampling operation. The encryption of AES-256 counter (CTR) mode used for the random number generator requires only 3184 clock cycles for 128-bit data input, which is 9.5% faster than previous state-of-the-art results. Finally, the proposed methods are applied to the whole process of Ring-LWE key scheduling and encryption operations, which require only 524,211 and 659,603 clock cycles for 128-bit security level, respectively. For the key generation of 256-bit security level, 1,325,171 and 1,775,475 clock cycles are required for H/W and S/W AES-based implementations, respectively. For the encryption of 256-bit security level, 1,430,601 and 2,042,474 clock cycles are required for H/W and S/W AES-based implementations, respectively.


2020 ◽  
Vol 8 (3) ◽  
pp. 82-95
Author(s):  
Mohammed Zagane ◽  
Mustapha Kamel Abdi ◽  
Mamdouh Alenezi

Automatic vulnerability prediction assists developers and minimizes resources allocated to fix software security issues. These costs can be minimized even more if the exact location of a vulnerability is correctly indicated. In this study, the authors propose a new approach to using code metrics in vulnerability detection. The strength of the proposed approach lies in using code metrics not to simply quantify characteristics of software components at a coarse granularity (package, file, class, function) such as complexity, coupling, etc., which is the approach commonly used in previous studies, but to quantify extracted pieces of code that hint at the presence of vulnerabilities at a fine granularity (a few lines of code). The obtained results show that code metrics can be used with a machine learning technique not only to indicate vulnerable components, which was the aim of previous approaches, but also to detect and locate vulnerabilities with very good accuracy.


2015 ◽  
Vol 793 ◽  
pp. 535-540
Author(s):  
Ezeddin Sanam ◽  
Kamaruzzaman Seman ◽  
M.S. Jawad ◽  
Abadal Salam T. Hussain ◽  
Mohd Zalisham Jali

There will be increasing demand for high confidentiality, integrity, and authentication for wide deployment of the next RFID generation; beside that, the focus will be on avoiding encryption algorithms, as these require more complex modulation, to secure communication between RFID tags and readers. In this paper, the focus will be on securing the communication channel between tags and readers at the physical layer, rather than securing the contents of RFID data by encryption. The RFID reader will initially communicate with the tag through narrowband communication and subsequently through broadband communication, by generating an ultra-wideband signal using time-hopped pulse position modulation. It can be a novel approach for RFID security, as it simplifies or eliminates cryptographic requirements with the same security level as existing passive RFIDs; it also allows simultaneous multiple access without collision, which will enhance overall RFID system performance. The design of the system will be shown by modeling the communication and the design details of the transmitter as well as the receiver, finally showing the simulated results of the modulated signal with its specific parameters as well as the receiver performance.

