The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
We propose Nucleus, a novel function detection algorithm for binaries. In contrast to prior work, Nucleus is compiler-agnostic, and does not require any learning phase or signature information. Instead of scanning for signatures, Nucleus detects functions at the Control Flow Graph-level, making it inherently suitable for difficult cases such as non-contiguous or multi-entry functions. We evaluate...
The identification of vulnerabilities relies on detailed information about the target infrastructure. The gathering of the necessary information is a crucial step that requires an intensive scanning or mature expertise and knowledge about the system even though the information was already available in a different context. In this paper we propose a new method to detect vulnerabilities that reuses...
Having an effective security level for Embedded System (ES), helps a reliable and stable operation of this system. In order to identify, if the current security level for a given ES is effective or not, we need a proactive evaluation for this security level. The evaluation of the security level for ESs is not straightforward process, things like the heterogeneity among the components of ES complicate...
We present a novel approach for detecting malicious user activity in databases. Specifically, we propose a new machine learning algorithm for detecting attacks such as a stolen user account or illegal use by a user. Our algorithm relies on two main components that examine the consistency of a user's activity and compare it with activity patterns learned from past access. The first component tests...
Database management systems (DBMSs) are one of the most important components in modern large-scale systems. Thus, it is important for developers to write code that can access DBMS correctly and efficiently. Since the behaviour of database access code can sometimes be a blackbox for developers, writing good test cases to capture problems in database access code can be very difficult. In addition to...
Open source projects and the globalization of the software industry have been a driving force in reuse of system components across traditional system boundaries. As a result, vulnerabilities and security concerns are no longer only impact individual but now also global software ecosystems. Known vulnerabilities and security concerns are reported in specialized vulnerability databases, which often...
An insider contributes maximum to the leakage ofsensitive information knowingly or unknowingly in an enterprise. Therefore, the need for persistent protection of such informationis critical. At the same time, enterprise friendly features forrights and ownership management are of great importance to adigital rights management (DRM) system considering thedynamism of enterprise workforce in a large enterprise...
Over the last decade, a globalization of the software industry took place, which facilitated the sharing and reuse of code across existing project boundaries. At the same time, such global reuse also introduces new challenges to the software engineering community, with not only components but also their problems and vulnerabilities being now shared. For example, vulnerabilities found in APIs no longer...
Automated white-box testing is a major issue in software engineering. In previous work, we introduced LTest, a generic and integrated toolkit for automated white-box testing of C programs. LTest supports a broad class of coverage criteria in a unified way (through the label specification mechanism) and covers most major parts of the testing process – including coverage measurement, test generation...
In most cases, web applications communicate with web services (SOAP and RESTful). The former act as a front-end to the latter, which contain the business logic. A hacker might not have direct access to those web services (e.g., they are not on public networks), but can still provide malicious inputs to the web application, thus potentially compromising related services. Typical examples are XML injection...
Continuous security certification of software-as-a-service (SaaS) aims at continuously, i.e. repeatedly and automatically validating whether a SaaS application adheres to a set of security requirements. Since SaaS applications make heavy use of web application technologies, checking security requirements with the help of web application testing techniques seems evident. However, these techniques mainly...
User authentication is a very important securitymechanism for accessing the services while roaming in theglobal mobility networks. However, the authentication schemesdesigned are vulnerable to the attacks, hence new requirementsshould be employed while designing a scheme. In 2014 Gopeand Hwang proposed an efficient mutual authentication andkey agreement scheme, in which they stated that the schemeprovides...
In this paper, we review security and usability scenarios. We propose security enhancement without losing usability. We apply this approach to popular application systems in the database. Specifically, we analyze database security in access control, auditing, authentication, encryption, integrity control, and backups. Finally, we present our recommendations for system security and usability to go...
In this paper, we propose new techniques for the secure storage of transport data consisting of vehicles, registrations and payments in the e-Services Web Portal of Transport Department. For this purpose, new secure and effective storage techniques are proposed in this paper in order to store the data efficiently and to retrieve them fast. The proposed techniques have been tested, using Tamil Nadu...
The project titled “ONLINE FLOWER MARKETING SYSTEM USING MOBILE APPS” is a comprehensive system which co-ordinates various operations in flower shop by using the mobile application through the online. This includes a variety of collections of flowers and flower made products such as flower arrangements, flower bouquets, retails and etc. This project deals with the booking of various flower products...
Nowadays, various network services, such as online shops and reservation of facilities, have been used with the spread of the Internet. Some of these services request to offer personal information to users. However, we cannot know how offered personal information is used. Thus, we feel uneasy to offer personal information to service providers. For this reason, we proposed a framework that a user can...
With the dawn of rising sophisticated technology where everything or rather everyone depends on smartphones, tablets and voice assistants. With such increase in the rate of people using technology to automate their tasks, it is impractical to hire a person for monitoring the CCTV or the IP camera feed for the intruders. Hence, the concept of automation can be implemented here as well. CCTV cameras...
Many studies analyze issue tracking repositories to understand and support software development. To facilitate the analyses, we share a Mozilla issue tracking dataset covering a 15-year history. The dataset includes three extracts and multiple levels for each extract. The three extracts were retrieved through two channels, a front-end (web user interface (UI)), and a back-end (official database dump)...
The growing crime rate of any country is always one of the biggest obstacles to its growth and development. With more manpower it certainly helps to keep the crime rate at bay, but is manpower the ideal solution? No. This may come as a surprise that despite Big Data being the boom of the century is yet to take firm roots when it comes to helping solve a Criminal Investigation. With the aim of changing...
With the continuous and rapid increase in quantity and diversity of Smartphone application usage, the storage of sensitive personal and even financial information of the users is also being augmented. It creates motivation for developers of malicious applications to put more effort on discovering ways to identify and exploit the vulnerabilities of utility applications and grab the sensitive information...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.