37,420 research outputs found

    A Comparison of Transfer Learning Algorithms for Defect and Vulnerability Detection

    Get PDF
    Machine learning techniques for defect and vulnerability detection have the potential to quickly direct developers' attention to software components with faulty implementations. Effective application of such defect prediction methods in practical software development environments requires transfer learning algorithms so that models built using existing projects can recognize defects as they emerge in a new project. Up until this study, comparing the efficacy of transfer learning algorithms was challenging because previous studies used differing data sets, baselines, and performance metrics. By providing open source implementations and baseline performance metrics for several transfer learning algorithms on two different data sets, our project offers software engineers the tools to objectively compare methods and readily identify top performing transfer learning algorithms in the domain of both vulnerability and defect prediction

    Learning-based Analysis on the Exploitability of Security Vulnerabilities

    Get PDF
    The purpose of this thesis is to develop a tool that uses machine learning techniques to make predictions about whether or not a given vulnerability will be exploited. Such a tool could help organizations such as electric utilities to prioritize their security patching operations. Three different models, based on a deep neural network, a random forest, and a support vector machine respectively, are designed and implemented. Training data for these models is compiled from a variety of sources, including the National Vulnerability Database published by NIST and the Exploit Database published by Offensive Security. Extensive experiments are conducted, including testing the accuracy of each model, dynamically training the models on a rolling window of training data, and filtering the training data by various features. Of the chosen models, the deep neural network and the support vector machine show the highest accuracy (approximately 94% and 93%, respectively), and could be developed by future researchers into an effective tool for vulnerability analysis

    Management and Security of IoT systems using Microservices

    Get PDF
    Devices that assist the user with some task or help them to make an informed decision are called smart devices. A network of such devices connected to internet are collectively called as Internet of Things (IoT). The applications of IoT are expanding exponentially and are becoming a part of our day to day lives. The rise of IoT led to new security and management issues. In this project, we propose a solution for some major problems faced by the IoT devices, including the problem of complexity due to heterogeneous platforms and the lack of IoT device monitoring for security and fault tolerance. We aim to solve the above issues in a microservice architecture. We build a data pipeline for IoT devices to send data through a messaging platform Kafka and monitor the devices using the collected data by making real time dashboards and a machine learning model to give better insights of the data. For proof of concept, we test the proposed solution on a heterogeneous cluster, including Raspberry Pi’s and IoT devices from different vendors. We validate our design by presenting some simple experimental results
    • …
    corecore