37,420 research outputs found
A Comparison of Transfer Learning Algorithms for Defect and Vulnerability Detection
Machine learning techniques for defect and vulnerability detection have
the potential to quickly direct developers' attention to software
components with faulty implementations. Effective application of such
defect prediction methods in practical software development environments
requires transfer learning algorithms so that models built using
existing projects can recognize defects as they emerge in a new project.
Up until this study, comparing the efficacy of transfer learning
algorithms was challenging because previous studies used differing data
sets, baselines, and performance metrics. By providing open source
implementations and baseline performance metrics for several transfer
learning algorithms on two different data sets, our project offers
software engineers the tools to objectively compare methods and readily
identify top performing transfer learning algorithms in the domain of
both vulnerability and defect prediction
Learning-based Analysis on the Exploitability of Security Vulnerabilities
The purpose of this thesis is to develop a tool that uses machine learning techniques to make predictions about whether or not a given vulnerability will be exploited. Such a tool could help organizations such as electric utilities to prioritize their security patching operations. Three different models, based on a deep neural network, a random forest, and a support vector machine respectively, are designed and implemented. Training data for these models is compiled from a variety of sources, including the National Vulnerability Database published by NIST and the Exploit Database published by Offensive Security. Extensive experiments are conducted, including testing the accuracy of each model, dynamically training the models on a rolling window of training data, and filtering the training data by various features. Of the chosen models, the deep neural network and the support vector machine show the highest accuracy (approximately 94% and 93%, respectively), and could be developed by future researchers into an effective tool for vulnerability analysis
Management and Security of IoT systems using Microservices
Devices that assist the user with some task or help them to make an informed decision are called smart devices. A network of such devices connected to internet are collectively called as Internet of Things (IoT). The applications of IoT are expanding exponentially and are becoming a part of our day to day lives. The rise of IoT led to new security and management issues. In this project, we propose a solution for some major problems faced by the IoT devices, including the problem of complexity due to heterogeneous platforms and the lack of IoT device monitoring for security and fault tolerance. We aim to solve the above issues in a microservice architecture. We build a data pipeline for IoT devices to send data through a messaging platform Kafka and monitor the devices using the collected data by making real time dashboards and a machine learning model to give better insights of the data. For proof of concept, we test the proposed solution on a heterogeneous cluster, including Raspberry Pi’s and IoT devices from different vendors. We validate our design by presenting some simple experimental results
- …