17 research outputs found

    Web Security Detection Tool

    According to Government Computer News (GCN), web attacks have been marked as all-time high this year. GCN says that some of the leading security software like SOPHOS detected about 15,000 newly infected web pages daily in initial three months of 2008 [13]. This has led to the need of efficient software to make web applications robust and sustainable to these attacks. While finding information on different types of attacks, I found that SQL injection and cross-site scripting are the most famous among attackers. These attacks are used extensively since they can be performed using different techniques and it is difficult to make a web application completely immune to these attacks. There are myriad detection tools available which help to detect vulnerabilities in web applications. These tools are mainly categorized as white-box and black-box testing tools. In this writing project, we aim to develop a detection tool which would be efficient and helpful for the users to pinpoint possible vulnerabilities in his/her PHP scripts. We propose a technique to integrate the aforementioned categories of tools under one framework to achieve better detection against possible vulnerabilities. Our system focuses on giving the developer a simple and concise tool which would help him/her to correct possible loopholes in the PHP code snippets.

    Experiences and Challenges with Using Cert Data to Analyze International Cyber Security

    With the increasing interconnection of computer networks and sophistication of cyber attacks, it is important to understand the dynamics of such situations, especially in regards to cyber international relations. The Explorations in Cyber International Relations (ECIR) Data Dashboard Project is an initiative to gather worldwide cybersecurity data publicly provided by nation-level Computer Emergency Response Teams (CERTs) and to provide a set of tools to analyze the cybersecurity data. The unique contributions of this paper are: (1) an evaluation of the current state of the diverse nation-level CERT cybersecurity data sources, (2) a description of the Data Dashboard tool developed and some interesting analyses from using our tool, and (3) a summary of some challenges with the CERT data availability and usability uncovered in our research. The work reported herein was supported, in part, by the Explorations in Cyber International Relations (ECIR) project funded by the Office of Naval Research (ONR) contract number N00014-09-1-0597.

    Experiences and Challenges with using CERT Data to Analyzes

    With the increasing interconnection of computer networks and sophistication of cyber attacks, it is important to understand the dynamics of such situations, especially in regards to cyber international relations. The Explorations in Cyber International Relations (ECIR) Data Dashboard Project is an initiative to gather worldwide cybersecurity data publicly provided by nation-level Computer Emergency Response Teams (CERTs) and to provide a set of tools to analyze the cybersecurity data. The unique contributions of this paper are: (1) an evaluation of the current state of the diverse nation-level CERT cybersecurity data sources, (2) a description of the Data Dashboard tool developed and some interesting analyses from using our tool, and (3) a summary of some challenges with the CERT data availability and usability uncovered in our research.

    Comparative Analysis of Cybersecurity Metrics to Develop New Hypotheses

    Few Internet security organizations provide comprehensive, detailed, and reliable quantitative metrics, especially in the international perspective across multiple countries, multiple years, and multiple categories. As a common refrain to justify this situation, organizations ask why they should spend valuable time and resources collecting and standardizing data. This report aims to provide an encouraging answer to this question by demonstrating the value that even limited metrics can provide in a comparative perspective. We present some findings generated through the use of a research tool, the Explorations in Cyber Internet Relations (ECIR) Data Dashboard. In essence, this dashboard consists of a simple graphing and analysis tool, coupled with a database consisting of data from disparate national-level cyber data sources provided by governments, Computer Emergency Response Teams (CERTs), and international organizations. Users of the dashboard can select relevant security variables, compare various countries, and scale information as needed. In this paper, using this tool, we present an example of observations concerning the fight against cybercrime, along with several hypotheses attempting to explain the findings. We believe that these preliminary results suggest valuable ways in which such data could be used and we hope this research will help provide the incentives for organizations to increase the quality and quantity of standardized quantitative data available.

    The Effect of Attitude, Social Trust and Trust in Social Networking Sites on Two Dimensions of Sharing Behavior

    Although social networking sites (SNS) are among the most important means of sharing and communication in today’s virtual world, little work has been done to explain the sharing behavior of SNS users in detail. This study tries to investigate types of sharing behavior of SNS users and to find important factors affecting their sharing behavior. In terms of the width and depth of sharing information, we distinguish two important dimensions of sharing behavior: sharing regularity and sharing density. As a width dimension of sharing behavior, sharing regularity refers to the frequency of sharing information with other SNS users, and as a depth dimension of sharing behavior, sharing density deals with the degree of private information sharing with others. Using the Theory of Reasoned Action, we propose a research model of two dimensions of sharing behavior including sharing attitude, social trust, and trust in a social networking site. We find that social trust and trust in the SNS have a significant effect on SNS users’ sharing attitude, which in turn strongly influences the two dimensions of sharing behavior. The implications of the study for research and practice will be discussed with future directions.

    Towards full network virtualization in horizontal IaaS federation: security issues


    SecREP : A Framework for Automating the Extraction and Prioritization of Security Requirements Using Machine Learning and NLP Techniques

    Gathering and extracting security requirements adequately requires extensive effort, experience, and time, as large amounts of data need to be analyzed. While many manual and academic approaches have been developed to tackle the discipline of Security Requirements Engineering (SRE), a need still exists for automating the SRE process. This need stems mainly from the difficult, error-prone, and time-consuming nature of traditional and manual frameworks. Machine learning techniques have been widely used to facilitate and automate the extraction of useful information from software requirements documents and artifacts. Such approaches can be utilized to yield beneficial results in automating the process of extracting and eliciting security requirements. However, the extraction of security requirements alone leaves software engineers with yet another tedious task of prioritizing the most critical security requirements. The competitive and fast-paced nature of software development, in addition to resource constraints, makes the process of security requirements prioritization crucial for software engineers to make educated decisions in risk-analysis and trade-off analysis. To that end, this thesis presents an automated framework/pipeline for extracting and prioritizing security requirements. The proposed framework, called the Security Requirements Extraction and Prioritization Framework (SecREP), consists of two parts: SecREP Part 1: Proposes a machine learning approach for identifying/extracting security requirements from natural language software requirements artifacts (e.g., the Software Requirement Specification document, known as the SRS documents). SecREP Part 2: Proposes a scheme for prioritizing the security requirements identified in the previous step. For the first part of the SecREP framework, three machine learning models (SVM, Naive Bayes, and Random Forest) were trained using an enhanced dataset, the “SecREP Dataset”, that was created as a result of this work. Each model was validated using resampling (80% for training and 20% for validation) and 5-fold cross-validation techniques. For the second part of the SecREP framework, a prioritization scheme was established with the aid of NLP techniques. The proposed prioritization scheme analyzes each security requirement using Part-of-speech (POS) and Named Entity Recognition methods to extract assets, security attributes, and threats from the security requirement. Additionally, using a text similarity method, each security requirement is compared to a super-sentence that was defined based on the STRIDE threat model. This prioritization scheme was applied to the extracted list of security requirements obtained from the case study in part one, and the priority score for each requirement was calculated and showcase