Abstract

The explosive growth of internet users and connected devices increased the threat vector surface. However, there is no single website or a search engine that provides information on vulnerabilities, threats, attacks, controls, etc. Ambiguity, bias and lack of credibility are some of the alarming issues while dealing with generic search engines on sensitive topics such as ‘Health’ and ‘Information Security’. A dedicated information security specific search engine benefits various stakeholders including security professionals, researchers, government, regulators and others. We implemented a fine grained approach that identifies sub-domains of information security, extracts related URLs and content and assesses search results credibility to enhance adoption of information security specific search engine. To identify sub-domains and extract seed and child URLs, a fine grained approach that extends an efficient Artificial Bee Colony algorithm was implemented. About 34,007 seed URLs and 400,726 child URLs of various sub-domains of the information security were extracted. The results of the proposed approach identified more URLs (seed and child) of sub-domains as compared to existing approaches while consuming less computing resources.

Abstract

Introducing the fundamentals of software systems to early undergraduates is a tedious journey for the instructors. It is crucial for students as it lays the foundation and establishes a perception of the upcoming computing courses. With rapid advancements in technology and considering the changes in workforce practices, it is required to upgrade the course curriculum to up-skill the students in contrast to prevailing times. This paper discusses our journey towards upgrading a decade-old introductory course on Software Systems for early undergraduate students. We present our approach towards updating the course curriculum and its delivery modes to ease learnability among early undergraduate students. We implemented mixed pedagogy methods over the years and captured student feedback to evaluate our approach.

Abstract

A system for evaluating and facilitating customized source code based on the usability guidelines using a usability code pattern analysis is provided . The system includes a decom pile module , a guideline loader module , an inspection mod ule , a validation module , a recommendation module , and one or more databases . The system obtains the input package from the user computing device to generate customized the usability code pattern for the input package by decompiling , inspecting and validating the input package against a vali dation case based on the usability guidelines . The input package layout files decompiled in XML and JAR file formats . The evaluation of the usability guideline is based on existing usability guidelines . The validation module vali dates the usability of the input package at each instance periodically using validation test cases .

Abstract

Increasing usage of Information Technology (IT) applications in distributed environment is leading to an increase in security exploits. Vulnerabilities related information is also available on open web in an unstructured format that developers may leverage to fix security weaknesses in their IT applications. SQL Injection (SQLi) is one of the topmost vulnerabilities impacting the security of IT applications. We propose an approach to identify information about SQLi in text using text summarization to process any length of text, and a supervised machine learning model to automate the classification of SQLi. To validate the proposed approach, we created a dataset of 100,019 entries that includes 50,010 entries of SQLi from the National Vulnerability Database, 25,010 near negatives related to other cyber security vulnerabilities, and 24,999 data entries that are unrelated to cyber security. The selected Random Forest model was also tested identify SQLi from Web and Twitter text.

Abstract

No Results Found

Abstract

Walking in a Virtual Environment is a bounded task. It is challenging for a subject to navigate a large virtual environment designed in a limited physical space. External hardware support may be required to achieve such an act in a concise physical area without compromising navigation and virtual scene rendering quality. This paper proposes an algorithmic approach to let a subject navigate a limitless virtual environment within a limited physical space with no additional external hardware support apart from the the regular Head-Mounted-Device (HMD) itself. As part of our work, we developed a Virtual Art Gallery as a use-case to validate our algorithm. We conducted a simple user-study to gather feedback from the participants to evaluate the ease of locomotion of the application. The results showed that our algorithm could generate limitless paths of our use-case under predefined conditions and can be extended to other use-cases.

Abstract

Walking in a Virtual Environment is a bounded task. It is challenging for a subject to navigate a large virtual environment designed in a limited physical space. External hardware support may be required to achieve such an act in a concise physical area without compromising navigation and virtual scene rendering quality. This paper proposes an algorithmic approach to let a subject navigate a limitless virtual environment within a limited physical space with no additional external hardware support apart from the the regular Head-Mounted-Device (HMD) itself. As part of our work, we developed a Virtual Art Gallery as a use-case to validate our algorithm. We conducted a simple user-study to gather feedback from the participants to evaluate the ease of locomotion of the application. The results showed that our algorithm could generate limitless paths of our use-case under predefined conditions and can be extended to other use-cases

Abstract

The adoption of Machine Learning (ML) in software applications has increased in domains like healthcare, banking and others. leading to coining of the term MLWare applications. However, challenges like diverse code base, complex components, lack of expertise, etc. persist in development and maintenance of these applications. Application of software engineering patterns and practices for the development of MLWare applications can improve maintainability, extensibility, scalability and other software quality parameters. In this paper, we propose an approach for developing MLWare applications using a pattern oriented approach. We demonstrate the approach on a credit risk scorecard application that can helps loan officer identify risk patterns and make loan decisions.

Abstract

Requirements Engineering in the industry is expertise-driven, heavily manual, and centered around various types of requirement specification documents being prepared and maintained. These specification documents are in diverse formats and vary depending on whether it is a business requirement document, functional specification, interface specification, client specification, and so on. These diverse specification documents embed crucial product knowledge such as functional decomposition of the domain into features, feature hierarchy, feature types and their specific feature characteristics, dependencies, business context, etc. Moreover, in a product development scenario, thousands of pages of requirement specification documentation is created over the years. Comprehending functionality and its associated context from large volumes of specification documents is a highly complex task. To address this problem, we propose to digitalize the requirement specification documents into processable models. This paper discusses the salient aspects involved in the digitalization of requirements knowledge from diverse requirement specification documents. It proposes an AI engine for the automatic transformation of diverse text-based requirement specifications into machine-processable models using NLP techniques and the generation of context-sensitive user stories. The paper describes the key requirement abstractions and concepts essential in an industrial scenario, the conceptual meta-model, and DizReq engine (AI engine for digitalizing requirements) implementation for automatically transforming diverse requirement specifications into user stories embedding the business context. The evaluation results from digitalizing specifications of an IT product suite are discussed: mean feature extraction efficiency is 40 features/file, mean user story extraction efficiency is 71 user stories/file, feature extraction accuracy is 94%, and requirement extraction accuracy is 98%. Keywords: NLP, NLP4RE, model extraction, requirements digitalization, requireme

Abstract

With increasing computing power, capacity and internet connectivity, the ability to learn has crossed classroom boundaries in the form of online learning. The adoption rate and effectiveness of online learning continues to be an area of research. Collaborative and Cooperative (CoCo) learning involves a joint effort by students to understand and solve problems or tasks. Adoption of open source software has also increased with technology-aided collaboration and cooperation. Leveraging the practices of crowdsourced software development, we propose CoCo Learning approach for technical education using virtual labs. About 145 undergraduate engineering students from various institutes participated in our study for a period of one full semester. About 92% of the students conducted an average of 24 virtual experiments with this approach. Nearly 90% of the faculty from these institutes also confirmed that their students' understanding of courses has improved while delivering tangible software artifacts as outcomes.