Factors affecting secure software development practices among developers- an investigation

An evidently dominate problem in the software development domain is that software security is not consistently addressed from the initial phase of software development which escalates security concerns, results in insecure software development. Several secure software development methodologies were introduced in literature and recommended to the industry but they are usually ignored by the developers and software practitioners. In this research paper, an extensive literature review is performed to find out factors influencing implementations of secure software development practices in industry. Secondly, based on Unified Theory of Acceptance and Use of Technology model 2 (UTAUT2) this study proposes a model to investigate the factors influencing adoption of secure software development practices among software developers

Investigation of adoption behaviour for social commerce in the kindom of Saudi Arabia

Social media fundamentally has changed the consumer's decision process. There are many research studies from different context for understanding the importance of social media, regrettably, not until recently, its business impact and opportunities were not seriously addressed. This is what led the Information System (IS) research community to come up with a new discipline known as Social Commerce (s-commerce). Hence an alternative means businesses through online social interactions emerge. This has made the social networking platform drives consumers to participate in social commerce. It is necessary to identify the significant factors that affect its acceptance. Thus, this research aimed to empirically examine the factors that affect s-commerce acceptance in Saudi Arabia. The quantitative research methodology was chosen to test the formulated hypothesis by subjective assessment of attitudes, opinions, and behavior of the people of Saudi Arabia

IDENTIFYING MOLECULAR FUNCTIONS OF DYNEIN MOTOR PROTEINS USING EXTREME GRADIENT BOOSTING ALGORITHM WITH MACHINE LEARNING

The majority of cytoplasmic proteins and vesicles move actively primarily to dynein motor proteins, which are the cause of muscle contraction. Moreover, identifying how dynein are used in cells will rely on structural knowledge. Cytoskeletal motor proteins have different molecular roles and structures, and they belong to three superfamilies of dynamin, actin and myosin. Loss of function of specific molecular motor proteins can be attributed to a number of human diseases, such as Charcot-Charcot-Dystrophy and kidney disease.  It is crucial to create a precise model to identify dynein motor proteins in order to aid scientists in understanding their molecular role and designing therapeutic targets based on their influence on human disease. Therefore, we develop an accurate and efficient computational methodology is highly desired, especially when using cutting-edge machine learning methods. In this article, we proposed a machine learning-based superfamily of cytoskeletal motor protein locations prediction method called extreme gradient boosting (XGBoost). We get the initial feature set All by extraction the protein features from the sequence and evolutionary data of the amino acid residues named BLOUSM62. Through our successful eXtreme gradient boosting (XGBoost), accuracy score 0.8676%, Precision score 0.8768%, Sensitivity score 0.760%, Specificity score 0.9752% and MCC score 0.7536%.  Our method has demonstrated substantial improvements in the performance of many of the evaluation parameters compared to other state-of-the-art methods. This study offers an effective model for the classification of dynein proteins and lays a foundation for further research to improve the efficiency of protein functional classification

Use of security patterns for development of secure healthcare information system

Healthcare systems have recently received attention from industry related to the sensitive and confidential information stored in it. This information is shared among different physicians, surgeons and technicians in the distributed and heterogeneous environment. Bearing these security concerns in mind a model driven methodology of using security patterns for development of secure healthcare information systems is proposed. This methodology consists of an extension of Unified Modeling Language (UML) deployment diagram namely as Security Patterns Deployment Diagram (SPDD) and a tool that supports for extending the use of proposed diagram. The proposed method has been validated by performing a case study on Healthcare Information System

Revised and extended social commerce technology adoption in e-business of Pakistan

Social commerce is a new perspective change in modern electronic business procedures bringing together individuals on social media sites and opens up another electronic social marketing channel to establish business. In developing countries like Pakistan, e-business can help organizations using social commerce and social marketing intelligently on particular social network sites to grasp their business clients while they are interacting with their online community on the social media sites. This study investigated consumers’ behavior towards adoption of social commerce and introduced a revised and extended social commerce technology model. The investigation proved the proposed model is valid by confirming loading factor, Kaiser-Mayer-Olkin (KMO), reliability analysis, and structural equation modeling approach for hypotheses tests. The study found Perceived Ease of Use (PEU), Perceived Usefulness (PU), Social Media Influence (SMI), and Risk (RI) have significant impact on social commerce adoption in e-business of Pakistan. More, Trust (TR) and Web experience (WXP) were insignificant that revealed the preventive behavior towards adoption of social commerce in e-business of Pakistan

UBI-XGB: IDENTIFICATION OF UBIQUITIN PROTEINS USING MACHINE LEARNING MODEL

A recent line of research has focused on Ubiquitination, a pervasive and proteasome-mediated protein degradation that controls apoptosis and is crucial in the breakdown of proteins and the development of cell disorders, is a major factor.  The turnover of proteins and ubiquitination are two related processes. We predict ubiquitination sites; these attributes are lastly fed into the extreme gradient boosting (XGBoost) classifier. We develop reliable predictors computational tool using experimental identification of protein ubiquitination sites is typically labor- and time-intensive. First, we encoded protein sequence features into matrix data using Dipeptide Deviation from Expected Mean (DDE) features encoding techniques. We also proposed 2nd features extraction model named dipeptide composition (DPC) model. It is vital to develop reliable predictors since experimental identification of protein ubiquitination sites is typically labor- and time-intensive. In this paper, we proposed computational method as named Ubipro-XGBoost, a multi-view feature-based technique for predicting ubiquitination sites. Recent developments in proteomic technology have sparked renewed interest in the identification of ubiquitination sites in a number of human disorders, which have been studied experimentally and clinically.  When more experimentally verified ubiquitination sites appear, we developed a predictive algorithm that can locate lysine ubiquitination sites in large-scale proteome data. This paper introduces Ubipro-XGBoost, a machine learning method. Ubipro-XGBoost had an AUC (area under the Receiver Operating Characteristic curve) of 0.914% accuracy, 0.836% Sensitivity, 0.992% Specificity, and 0.839% MCC on a 5-fold cross validation based on DPC model, and 2nd 0.909% accuracy, 0.839% Sensitivity, 0.979% Specificity, and 0. 0.829% MCC on a 5-fold cross validation based on DDE model. The findings demonstrate that the suggested technique, Ubipro-XGBoost, outperforms conventional ubiquitination prediction methods and offers fresh advice for ubiquitination site identification

Invite Internet Users to Honeynet Security to Improve VoIP Streaming Services

There are group of challenges in VoIP security, VoIP Quality and lots of peoples worked on it e.g., “IPSec security on VoIP”, “VoIP Honeypot architecture”, “cryptography techniques are used to safely transmit the information stream over the network” and many more. Security is a terminology which cannot be a perfect or 100%. For the time being we can be minimizing and protect to the threats but as the technology increases the new threats are also generating day by day. Researchers have applied different patterns, techniques and scenarios to prevent some specific threats and security frameworks for securing VoIP communication. But in this research, we want to analyze the quality of service after applying Honeynet security framework

A tool for modeling software security requirements using security patterns

Security requirements of today’s software systems are increasing and becoming complex. Software industry has well recognized that security should be incorporated at earlier stages of the software development. It is not easy for the programmers and developers to incorporate security in the software without proper expertise in it. For that reason different security patterns were proposed by the security experts for implementation of security by non-security experts. A security pattern provides well proven solution for the existing security problem in a specific context provided by the security experts. Security patterns usually are in textual format due to which they are often neglected at the design level. Security patterns do not constitute an intuitive solution that can be used by software designers because they are not useful without a systematic way to apply them. Security patterns lack comprehensive structure that conveys essential information inherent to security engineering (SE). This research presentsmethodology for presenting secure software requirements using Security Patterns that is tailored to meetthe needs of secure system development. In order to maximize comprehensibility, well-known notations of Unified Modeling Language (UML) is used to represent structuraland behavioral aspects of design. Only 13% of the papers published till 2015 involve tooling support for security patterns. To encounter this limitation, a methodology which focuses on the providing solution provided by the security pattern in the form of standard UML notations. As the proposed method results in an extension of Deployment diagram, it is named as Security Patterns Deployment Diagram (SPDD). It represents the solution provided by security patterns in standard UML graphical notation, which includes the compulsory elements of security patterns that are context, problem, actors, relations and solution including where attacks will be fended off in the early design stage of the software system in a single view. SPDD is proposed along with security modeling tool called SPDD Editor for modeling security pattern solution using proposed methodology. Security patterns research uses UML for modeling regardless of security patterns to be dealt with. It could be because UML is the most widely accepted formalism for the analysis and design of software. Therefore, itis considered as security pattern modeling method. This extension of deployment diagram provides a suitable way to define semantics for each solution provided by security pattern and allowing developers to easily understand software security requirements and their implementations in detail. A Plug-in for SeaMonster security designing tool has been developed to support the designing of the proposed diagram using Eclipse Graphical Modeling Framework (GMF) and Eclipse Graphical Editor Framework (GEF). The validation of SPDD has been done with the Hospital Information System (HIS) and E-Commerce System case studies. An expert review was performed to verify the proposed methodology and proposed tool support. SPDD editor tool and both methods SPDD and Component based application (CBA) were also evaluated by three experts in the field. The expert review results showed positive results towards acceptance of SPDD method and tool. Experimental comparison with twenty participants was also performed to validate the effectiveness and to find out the better method in terms of designing solution provided by security patterns from the participant’s point of view. The CBA method was selected to compare with proposed SPDD method because of the fact that most of the programmers and developers usually known to component diagram and there is no need to teach them its application and they can easily perform the tasks related to CBA method and also security pattern modeling application using CBA is previously proposed in literature. The experimental results from participants showed that there is a significant difference in designing threats and mitigation using SPDD editor in two methods. The SPDD method is used to design more threats and mitigation as compared to CBA method. By using proposed methodology and SPDD editor tool it is easier for the non-security expert to incorporate security at earlier stages of software development. It provides the facility of designing the security requirements in the architecture at design stage with incorporating expert knowledge of the security experts provided by the security patterns

Security Based SCURM Process (SUBSCRUM) For Secure Agile Development

This study presents an integrated approach for the consideration of security during agile development. A security-based SCRUM process (SBSCRUM) is introduced by taking advantage of the security patterns presented by security experts which contains the solution for a security threat. In the proposed security based SCRUM process the SCRUM team will be responsible for identifying the expected security threats to the system, in which all the expected threats to the system are modelled using mis-use case diagrams and then these modelled threats are mitigated using the security patterns which provide detailed solution to mitigate the threats and at final stage the security testing is performed to ensure that all the security threats identified are mitigated using security patterns. SBSCRUM is evaluated through the case studies in this paper. SBSCRUM will enable the software developers to develop secure software using agile development methods which lacks in the past

Challenges and limitations in secure software development adoption - A qualitative analysis in Malaysian software industry prospect

Inclusion of security in software development from the initial design phase has not been consistently addressed by the software developers. As a result there is an abundance of software systems with weak security. The objective of this study is to find out factors influencing developer's intention to adopt secure software development practices. Methodology: This study is based on qualitative research methodology. Interviews were conducted from the professionals working at senior positions at Malaysian software development organization. All the interviews were first transcribed, as they were digitally recorded. Then transcribed data was analyzed in a way that all frequent words or repetitive concepts were highlighted, after which many similar or relevant concepts were grouped together and categorized as themes and sub themes. Findings: The data was analyzed using the thematic analysis method. The results revealed five main themes, whereas each main theme has sub-themes. These sub-themes are parameters to justify the main theme. Main themes were identified in the light of the interviewee's response. The main results include interviewee's demographic characteristics, and then the main themes identified include, Adoption of SSD practices, Influencing authorities, Motivating Factors, Attitude towards SSD, Hindrances / Issues towards SSD Adoption. Sub themes included: Security Culture, Change Management, Applications of SSD, Managers, Security Expert, Training, Incentives, Security Awareness, Performance Expectancy, Facilitating Conditions, Demographic Characteristics, Need to use SSD, No clear guidelines, Strict Project Timeline, Lack of Security knowledge. The overall interview results show that secure software development practices adoption level in most part of the software industry is not up to the satisfactory level. Novelty/Applications: This research explores the factors impeding the implementation of the best security practices, and barriers to secure software development practices adoption. This study can be used as guideline to be followed for the implementation of secure software development practices in software industry. Keywords: Secure software development adoption; organizational factors;software developer intention; security development; software security