Relevant bibliographies by topics / False Positives and Static Topology / Journal articles
To see the other types of publications on this topic, follow the link: False Positives and Static Topology.

Journal articles on the topic 'False Positives and Static Topology'

Author: Grafiati
Published: 3 June 2025
Last updated: 31 July 2025

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the top 50 journal articles for your research on the topic 'False Positives and Static Topology.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.

1

V., P. Krishna Anne*1 &. Dr. K. Rajasekhara Rao2. "ADVANCED IMPLEMENTATION OF ENHANCED AODV TO DETECT PASSIVE BASED INTRUSION DETECTION ATTACKS IN WIRELESS AD HOC NETWORKS." INTERNATIONAL JOURNAL OF ENGINEERING SCIENCES & RESEARCH TECHNOLOGY 6, no. 7 (2017): 168–76. https://doi.org/10.5281/zenodo.823076.

Full text
Abstract:
Wireless networks are a combination of nodes or computers or devices which are communicate with each other in network communication. In wireless network communication security is an emerging challenge task. Some of the attacks occur in wireless ad hoc networks because of increase internal activities in data communication. AODV (Ad hoc On-Demand Distance Vector) is an aimed to detect intrusion detection attacks, implementation to detect intruder and provide solution to reduce packet delivery with respect to variative throughput based on data tranmission. To detect network valnerabilties in netw
APA, Harvard, Vancouver, ISO, and other styles
2

Yousefi-Azar, Mahmood, Len Hamey, Vijay Varadharajan, and Shiping Chen. "Byte2vec: Malware Representation and Feature Selection for Android." Computer Journal 63, no. 8 (2019): 1125–38. http://dx.doi.org/10.1093/comjnl/bxz121.

Full text
Abstract:
Abstract Malware detection based on static features and without code disassembling is a challenging path of research. Obfuscation makes the static analysis of malware even more challenging. This paper extends static malware detection beyond byte level $n$-grams and detecting important strings. We propose a model (Byte2vec) with the capabilities of both binary file feature representation and feature selection for malware detection. Byte2vec embeds the semantic similarity of byte level codes into a feature vector (byte vector) and also into a context vector. The learned feature vectors of Byte2v
APA, Harvard, Vancouver, ISO, and other styles
3

Park, Jihyun, Jaeyoung Shin, and Byoungju Choi. "Reduction of False Positives for Runtime Errors in C/C++ Software: A Comparative Study." Electronics 12, no. 16 (2023): 3518. http://dx.doi.org/10.3390/electronics12163518.

Full text
Abstract:
In software development, early defect detection using static analysis can be performed without executing the source code. However, defects are detected on a non-execution basis, thus resulting in a higher ratio of false positives. Recently, studies have been conducted to effectively perform static analyses using machine learning (ML) and deep learning (DL) technologies. This study examines the techniques for detecting runtime errors used in existing static analysis tools and the causes and rates of false positives. It analyzes the latest static analysis technologies that apply machine learning
APA, Harvard, Vancouver, ISO, and other styles
4

Sivaraman, Hariprasad. "Adaptive Thresholding in ML-Driven Alerting Systems for Reducing False Positives in Production Environment." INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, no. 12 (2024): 1–6. https://doi.org/10.55041/ijsrem11938.

Full text
Abstract:
Machine learning (ML)-driven alerting systems are essential for monitoring and ensuring stability in dynamic production environments. Traditional static thresholds often lead to excessive false positives, creating alert fatigue and reducing operational efficiency. This paper presents an adaptive thresholding model that dynamically adjusts alert thresholds based on real-time metrics, temporal trends, and historical data patterns. By integrating Long Short- Term Memory (LSTM) networks and autoencoders within an adaptive framework, this approach continuously learns and adapts to production data,
APA, Harvard, Vancouver, ISO, and other styles
5

Gunda Brahma Sagara. "Hybrid Deep Learning Framework for Real-Time Source Code Vulnerability Detection." Communications on Applied Nonlinear Analysis 32, no. 7s (2025): 889–900. https://doi.org/10.52783/cana.v32.3493.

Full text
Abstract:
Source code vulnerabilities threaten software security, making detection essential in modern development. Traditional methods like static and dynamic analysis often fail due to high false positives and limited scalability. This work introduces a hybrid deep learning framework using CNNs, LSTMs, and code embeddings to detect vulnerabilities in real time. Incorporating Abstract Syntax Trees (ASTs) and Graph Neural Networks (GNNs), the system ensures structural representation and program semantics analysis. Integrated into CI/CD pipelines, the approach improves precision, recall, and F1-score (up
APA, Harvard, Vancouver, ISO, and other styles
6

Dong, Yukun, Mengying Wu, Shanchen Pang, et al. "Automated Program-Semantic Defect Repair and False-Positive Elimination without Side Effects." Symmetry 12, no. 12 (2020): 2076. http://dx.doi.org/10.3390/sym12122076.

Full text
Abstract:
The alarms of the program-semantic defect-detection report based on static analysis include defects and false positives. The repair of defects and the elimination of false positives are time-consuming and laborious, and new defects may be introduced in the process. To solve these problems, the safe constraints interval of related variables and methods are proposed for the semantic defects in the program, and proposes a functionally equivalent no-side-effect program-semantic defect repair and false-positive elimination strategy based on the test-equivalence theory. This paper realizes the autom
APA, Harvard, Vancouver, ISO, and other styles
7

Mateo Tudela, Francesc, Juan-Ramón Bermejo Higuera, Javier Bermejo Higuera, Juan-Antonio Sicilia Montalvo, and Michael I. Argyros. "On Combining Static, Dynamic and Interactive Analysis Security Testing Tools to Improve OWASP Top Ten Security Vulnerability Detection in Web Applications." Applied Sciences 10, no. 24 (2020): 9119. http://dx.doi.org/10.3390/app10249119.

Full text
Abstract:
The design of the techniques and algorithms used by the static, dynamic and interactive security testing tools differ. Therefore, each tool detects to a greater or lesser extent each type of vulnerability for which they are designed for. In addition, their different designs mean that they have different percentages of false positives. In order to take advantage of the possible synergies that different analysis tools types may have, this paper combines several static, dynamic and interactive analysis security testing tools—static white box security analysis (SAST), dynamic black box security an
APA, Harvard, Vancouver, ISO, and other styles
8

Tiganov, Daniil, Lisa Nguyen Quang Do, and Karim Ali. "Designing UIs for Static Analysis Tools." Queue 19, no. 4 (2021): 97–118. http://dx.doi.org/10.1145/3487019.3487026.

Full text
Abstract:
Static-analysis tools suffer from usability issues such as a high rate of false positives, lack of responsiveness, and unclear warning descriptions and classifications. Here, we explore the effect of applying user-centered approach and design guidelines to SWAN, a security-focused static-analysis tool for the Swift programming language. SWAN is an interesting case study for exploring static-analysis tool usability because of its large target audience, its potential to integrate easily into developers' workflows, and its independence from existing analysis platforms.
APA, Harvard, Vancouver, ISO, and other styles
9

LI, MIN, JIAN-XIN WANG, HUAN WANG, and YI PAN. "IDENTIFICATION OF ESSENTIAL PROTEINS FROM WEIGHTED PROTEIN–PROTEIN INTERACTION NETWORKS." Journal of Bioinformatics and Computational Biology 11, no. 03 (2013): 1341002. http://dx.doi.org/10.1142/s0219720013410023.

Full text
Abstract:
Identifying essential proteins is very important for understanding the minimal requirements of cellular survival and development. Fast growth in the amount of available protein–protein interactions has produced unprecedented opportunities for detecting protein essentiality on network level. A series of centrality measures have been proposed to discover essential proteins based on network topology. Unfortunately, the protein–protein interactions produced by high-throughput experiments generally have high false positives. Moreover, most of centrality measures based on network topology are sensit
APA, Harvard, Vancouver, ISO, and other styles
10

Amit Singh, Et al. "?Implementation of Security Protocol for Intrusion Detection Systems in Wireless Sensor Networks." International Journal on Recent and Innovation Trends in Computing and Communication 11, no. 9 (2024): 3240–43. http://dx.doi.org/10.17762/ijritcc.v11i9.9515.

Full text
Abstract:
Sensor networks consist of compact sensors and actuators capable of monitoring physical conditions. Wireless Sensor Networks (WSNs) with limited power and dynamic topology require effective security mechanisms. Insider attacks pose a greater challenge than outsider attacks. This work proposes an Intrusion Detection approach in WSNs to detect attacks, emphasizing experimental results, parameter analysis, and Performance Evaluation based on accuracy and minimizing false positives.
APA, Harvard, Vancouver, ISO, and other styles
11

Ji, Yuchen, Ting Dai, Zhichao Zhou, Yutian Tang, and Jingzhu He. "Artemis: Toward Accurate Detection of Server-Side Request Forgeries through LLM-Assisted Inter-procedural Path-Sensitive Taint Analysis." Proceedings of the ACM on Programming Languages 9, OOPSLA1 (2025): 1349–77. https://doi.org/10.1145/3720488.

Full text
Abstract:
Server-side request forgery (SSRF) vulnerabilities are inevitable in PHP web applications. Existing static tools in detecting vulnerabilities in PHP web applications neither contain SSRF-related features to enhance detection accuracy nor consider PHP’s dynamic type features. In this paper, we present Artemis, a static taint analysis tool for detecting SSRF vulnerabilities in PHP web applications. First, Artemis extracts both PHP built-in and third-party functions as candidate source and sink functions. Second, Artemis constructs both explicit and implicit call graphs to infer functions’ relati
APA, Harvard, Vancouver, ISO, and other styles
12

Oleksandr, Popov, Shmatko Nataliia, Budanov Pavlo, Pantielieieva Iryna, and Brovko Kostiantyn. "COST­EFFECTIVENESS IN MATHEMATICAL MODELLING OF THE POWER UNIT CONTROL." Eastern-European Journal of Enterprise Technologies 6, no. 3 (102) (2019): 39–48. https://doi.org/10.15587/1729-4061.2019.183422.

Full text
Abstract:
The authors of the study have analysed the criteria for increasing cost-effectiveness in the operation of power-generating equipment of power units at TPPs and NPPs. The existing methods of calculating the cost-effectiveness disregard factors that lead to economic costs during shutdowns of the power unit and reduce the energy consumer load. A significant factor in increasing cost-effectiveness of the automated control systems at a power unit of a power plant is the compulsory checking to detect a low level of information reliability. It is proved that reliability of the power unit technologica
APA, Harvard, Vancouver, ISO, and other styles
13

Borodin, Alexey Evgenevich, Alexey Vyacheslavovich Goremykin, Sergey Pavlovitch Vartanov, and Andrey Andreevich Belevantsev. "Searching for tainted vulnerabilities in static analysis tool Svace." Proceedings of the Institute for System Programming of the RAS 33, no. 1 (2021): 7–32. http://dx.doi.org/10.15514/ispras-2021-33(1)-1.

Full text
Abstract:
The paper is dedicated to search for taint-based errors in the source code of programs, i.e. errors caused by unsafe use of data obtained from external sources, which could potentially be modified by an attacker. The interprocedural static analyzer Svace was used as a basis. The analyzer searches both for defects in the program and searches for suspicious places where the logic of the program may be violated. The goal is to find as many errors as possible at an acceptable speed and a low level of false positives (< 20-35%). To find errors, Svace with help of modified compiler builds a low-l
APA, Harvard, Vancouver, ISO, and other styles
14

He, Weigang, Peng Di, Mengli Ming, et al. "Finding and Understanding Defects in Static Analyzers by Constructing Automated Oracles." Proceedings of the ACM on Software Engineering 1, FSE (2024): 1656–78. http://dx.doi.org/10.1145/3660781.

Full text
Abstract:
Static analyzers are playing crucial roles in helping find programming mistakes and security vulnerabilities. The correctness of their analysis results is crucial for the usability in practice. Otherwise, the potential defects in these analyzers (, implementation errors, improper design choices) could affect the soundness (leading to false negatives) and precision (leading to false positives). However, finding the defects in off-the-shelf static analyzers is challenging because these analyzers usually lack clear and complete specifications, and the results of different analyzers may differ. To
APA, Harvard, Vancouver, ISO, and other styles
15

Tan, Yaodan, and Junfeng Tian. "A Method for Processing Static Analysis Alarms Based on Deep Learning." Applied Sciences 14, no. 13 (2024): 5542. http://dx.doi.org/10.3390/app14135542.

Full text
Abstract:
Automatic static analysis tools (ASATs), also known as static analyzers, have demonstrated their significance and practicability in detecting software defects. ASATs assist developers to identify potential vulnerabilities, errors, and security hazards in source code without executing the software. As software systems grow in scale and complexity, ASATs are replacing manual security audits and becoming crucial for detecting issues in code. However, ASATs often generate numerous warnings with high false positive rates, while developers typically only take measures on a small portion of actionabl
APA, Harvard, Vancouver, ISO, and other styles
16

Marques, Filipe, Mafalda Ferreira, André Nascimento, et al. "Automated Exploit Generation for Node.js Packages." Proceedings of the ACM on Programming Languages 9, PLDI (2025): 1341–66. https://doi.org/10.1145/3729304.

Full text
Abstract:
The Node.js ecosystem, with its growing popularity and increasing exposure to security vulnerabilities, has a pressing need for more effective security analysis tools. To reduce false positives, recent works on detecting vulnerabilities in Node.js packages have developed synthesis algorithms to generate proof-of-concept exploits. However, these tools focus mainly on vulnerabilities that can be triggered by a single direct call to an exported function of the analyzed package, failing to generate exploits that require more complex interactions. In this paper, we present Explode.js, the first too
APA, Harvard, Vancouver, ISO, and other styles
17

Cao, Buwen, Jiawei Luo, Cheng Liang, and Shulin Wang. "Identifying Protein Complexes by Combining Network Topology and Biological Characteristics." Journal of Computational and Theoretical Nanoscience 13, no. 10 (2016): 7666–75. http://dx.doi.org/10.1166/jctn.2016.6084.

Full text
Abstract:
Protein–protein interaction (PPI) data derived from biological experiments include many false-positive interactions which are treated equally as other real physical interactions, thereby complicating the detection of real protein complexes from protein–protein interaction (PPI) networks. In this paper, a new weighting method, named as cwMINE (combined weight of module identification in networks), for detecting protein complexes efficiently in protein interaction networks is presented. cwMINE has a good combination between network topology and biological feature, which can solve false positives
APA, Harvard, Vancouver, ISO, and other styles
18

Mandel, Nicolas, Nils Kompe, Moritz Gerwin, and Floris Ernst. "KISS—Keep It Static SLAMMOT—The Cost of Integrating Moving Object Tracking into an EKF-SLAM Algorithm." Sensors 24, no. 17 (2024): 5764. http://dx.doi.org/10.3390/s24175764.

Full text
Abstract:
The treatment of moving objects in simultaneous localization and mapping (SLAM) is a key challenge in contemporary robotics. In this paper, we propose an extension of the EKF-SLAM algorithm that incorporates moving objects into the estimation process, which we term KISS. We have extended the robotic vision toolbox to analyze the influence of moving objects in simulations. Two linear and one nonlinear motion models are used to represent the moving objects. The observation model remains the same for all objects. The proposed model is evaluated against an implementation of the state-of-the-art fo
APA, Harvard, Vancouver, ISO, and other styles
19

Jabbar, Haidar, and Samir Al-Janabi. "AI-Driven Phishing Detection: Enhancing Cybersecurity with Reinforcement Learning." Journal of Cybersecurity and Privacy 5, no. 2 (2025): 26. https://doi.org/10.3390/jcp5020026.

Full text
Abstract:
Phishing remains a persistent cybersecurity threat, often bypassing traditional detection methods due to evolving attack techniques. This study presents a Reinforcement Learning (RL)-based phishing detection framework, leveraging a Deep Q-Network (DQN) to enhance detection accuracy, reduce false positives, and improve classification performance. The model was trained and evaluated using a real-world dataset comprising 5000 emails (2500 phishing and 2500 benign) and externally validated against a synthetic phishing dataset of 1000 samples simulating unseen attacks. It achieved a 95% accuracy, 9
APA, Harvard, Vancouver, ISO, and other styles
20

Tian, Jie, Ming Yu Luo, and Meng Yang Chen. "A New Type of Hexagonal Fault-Tolerant Clustering Algorithm." Applied Mechanics and Materials 543-547 (March 2014): 1728–33. http://dx.doi.org/10.4028/www.scientific.net/amm.543-547.1728.

Full text
Abstract:
In view of the problem that present most clustering algorithms are given priority to save energy but ignoring fault tolerance, this paper puts forward a new kind of hexagonal fault-tolerant clustering algorithm (HFTC). By increasing the middle management node, which controls nodes rate of false positives and managements topology within the cluster, this algorithm completes nondestructive substitution between nodes. At the same time, the introduction of backup nodes, it also improves the networks fault tolerance. The simulation experiments show that HFTC can guarantee a high fault tolerance in
APA, Harvard, Vancouver, ISO, and other styles
21

Sandhya, Guduru. "Web3 Smart Contract Security: Slither Static Analysis, Echidna Fuzzing, and Certora Formal Verification." European Journal of Advances in Engineering and Technology 11, no. 5 (2024): 147–50. https://doi.org/10.5281/zenodo.15387253.

Full text
Abstract:
Ensuring the security of smart contracts is essential in Web3 development, as vulnerabilities in Solidity-based agreements can result in significant financial and operational risks. This study explores automated security auditing techniques, focusing on Slither for static analysis, Echidna for property-based fuzz testing, and Certora for formal verification. By integrating these tools, the research enhances vulnerability detection and reduces reliance on manual audits. Additionally, the study assesses Maximum Extractable Value (MEV) risks and evaluates Flashbots SUAVE as a mitigation strategy.
APA, Harvard, Vancouver, ISO, and other styles
22

Brotzman, Robert, Danfeng Zhang, Mahmut Taylan Kandemir, and Gang Tan. "SpecSafe: detecting cache side channels in a speculative world." Proceedings of the ACM on Programming Languages 5, OOPSLA (2021): 1–28. http://dx.doi.org/10.1145/3485506.

Full text
Abstract:
The high-profile Spectre attack and its variants have revealed that speculative execution may leave secret-dependent footprints in the cache, allowing an attacker to learn confidential data. However, existing static side-channel detectors either ignore speculative execution, leading to false negatives, or lack a precise cache model, leading to false positives. In this paper, somewhat surprisingly, we show that it is challenging to develop a speculation-aware static analysis with precise cache models: a combination of existing works does not necessarily catch all cache side channels. Motivated
APA, Harvard, Vancouver, ISO, and other styles
23

Bierhoff, Kevin. "Wildcards need witness protection." Proceedings of the ACM on Programming Languages 6, OOPSLA2 (2022): 373–94. http://dx.doi.org/10.1145/3563301.

Full text
Abstract:
In this paper, we show that the unsoundness discovered by Amin and Tate (2016) in Java’s wildcards is avoidable, even in the absence of a nullness-aware type system. The key insight of this paper is that soundness in type systems that implicitly introduce existential types through subtyping hinges on still making sure there are suitable witness types when introducing existentially quantified type variables. To show that this approach is viable, this paper formalizes a core calculus and proves it sound. We used a static analysis based on our approach to look for potential issues in a vast corpu
APA, Harvard, Vancouver, ISO, and other styles
24

Shimchik, Nikita Vladimirovich, Valery Nikolayevich Ignatyev, and Andrey Andreevich Belevantsev. "Irbis: static taint analyzer for vulnerabilities detection in C/C++." Proceedings of the Institute for System Programming of the RAS 34, no. 6 (2022): 51–66. http://dx.doi.org/10.15514/ispras-2022-34(6)-4.

Full text
Abstract:
Static taint analysis can be used to find various security weaknesses and vulnerabilities in programs by discovering dataflow paths from taint sources to taint sinks. In most cases the data is called ”tainted” if it was obtained from an untrusted source without proper sanitization. In this paper we present a static taint analyzer Irbis. It implements analysis based on IFDS (Interprocedural Finite Distributive Subset) dataflow problem, as well as various extensions aimed at improving accuracy and completeness of the analysis. It supports different definitions of tainted data, which enables it t
APA, Harvard, Vancouver, ISO, and other styles
25

Rehana Sultana Khan. "AI-Based Rate Limiting for Cloud Infrastructure: Implementation Guide." Journal of Computer Science and Technology Studies 7, no. 3 (2025): 370–80. https://doi.org/10.32996/jcsts.2025.7.3.43.

Full text
Abstract:
Rate limiting represents a critical security mechanism for protecting all applications from abuse while ensuring fair resource allocation. Traditional static threshold approaches face significant limitations in modern dynamic environments, frequently triggering false positives during legitimate traffic fluctuations while missing sophisticated attack patterns. AI-powered rate limiting addresses these limitations by analyzing traffic patterns across multiple dimensions and making intelligent throttling decisions based on learned behavior rather than predetermined rules. This comprehensive framew
APA, Harvard, Vancouver, ISO, and other styles
26

Yang, Gang, Chaojing Tang, and Xingtong Liu. "DualAC2NN: Revisiting and Alleviating Alert Fatigue from the Detection Perspective." Symmetry 14, no. 10 (2022): 2138. http://dx.doi.org/10.3390/sym14102138.

Full text
Abstract:
The exponential expansion of Internet interconnectivity has led to a dramatic increase in cyber-attack alerts, which contain a considerable proportion of false positives. The overwhelming number of false positives cause tremendous resource consumption and delay responses to the really severe incidents, namely, alert fatigue. To cope with the challenge from alert fatigue, we focus on enhancing the capability of detectors to reduce the generation of false alerts from the detection perspective. The core idea of our work is to train a machine-learning-based detector to grasp the empirical intellig
APA, Harvard, Vancouver, ISO, and other styles
27

Atmaja, Devi Yulianty Surya, and Achmad Samsudin. "Are There Misconceptions in My Class? Misconception Analysis with T3-SF (Three Tier-Test on Static Fluid)." Tarbiyah : Jurnal Ilmiah Kependidikan 13, no. 2 (2024): 155–70. https://doi.org/10.18592/tarbiyah.v13i2.13518.

Full text
Abstract:
This study aims to identify the misconceptions of 20 students in class XI MIPA in one of the Senior High Schools in Sumedang Regency, Indonesia. The selection of research subjects used a random sampling technique. This research used a descriptive qualitative research design with a case study approach. The data collection technique in this study used T3-SF (Three Tier-Test on Static Fluid) to identify misconceptions in the submaterial of Hydrostatic Pressure, Pascal's Law and Archimedes' Law. Students did ten questions on Google Forms and processed them using Microsoft Excel. Based on this stud
APA, Harvard, Vancouver, ISO, and other styles
28

Naseer, Atif, and Enrique Nava. "Counting of Underwater Static Objects Through an Efficient Temporal Technique." Journal of Marine Science and Engineering 13, no. 2 (2025): 205. https://doi.org/10.3390/jmse13020205.

Full text
Abstract:
Counting marine species is a challenging task for biologists and marine experts. This paper presents an efficient temporal technique for counting underwater static objects. The proposed method employs deep learning techniques to detect objects over time and an efficient spatial–temporal algorithm to track them, allowing for accurate counting of objects within a given area. The technique is designed to handle various challenges that arise in underwater environments such as low visibility, object occlusion, and water turbulence. The approach is validated through experiments conducted on the surv
APA, Harvard, Vancouver, ISO, and other styles
29

Okebule, T., O. A. Adeyemo, K. A. Olatunji, and A. S. Awe. "Content Analyzer for Information Leakage Detedction and Prevention in Android Smart Devices: A Conceptual Approach." advances in multidisciplinary & scientific research journal publication 6, no. 1 (2020): 72–90. http://dx.doi.org/10.22624/aims/v6n1p7.

Full text
Abstract:
The advent of android operating system introduced tools to keep track of users’ information activities and prevent information leakage which bridged the trust between application developers and consumers. Literature shows that several phenomena had been developed to prevent malicious applications from stealing personal sensitive information from smart phones but there is still the need for efficient solutions. This study proposes a conceptual approach for the development of a contentAnalyzer for information leakage detection and prevention on android-based devices. The concept will help to min
APA, Harvard, Vancouver, ISO, and other styles
30

Gupta, Brij B., Pooja Chaudhary, and Shashank Gupta. "Designing a XSS Defensive Framework for Web Servers Deployed in the Existing Smart City Infrastructure." Journal of Organizational and End User Computing 32, no. 4 (2020): 85–111. http://dx.doi.org/10.4018/joeuc.2020100105.

Full text
Abstract:
Cross-site scripting is one of the notable exceptions effecting almost every web application. Hence, this article proposed a framework to negate the impact of the XSS attack on web servers deployed in one of the major applications of the Internet of Things (IoT) i.e. the smart city environment. The proposed framework implements 2 approaches: first, it executes vulnerable flow tracking for filtering injected malicious scripting code in dynamic web pages. Second, it accomplished trusted remark generation and validation for unveiling any suspicious activity in static web pages. Finally, the filte
APA, Harvard, Vancouver, ISO, and other styles
31

Anub, A., and S. Sreelekshmy. "Dynamic Threshold-Based Algorithm for Client-Based HTTP Proxy Attack Detection through Spatial and Temporal Behavior Pattern Analysis." Recent Trends in Androids and IOS Applications 6, no. 3 (2024): 48–53. https://doi.org/10.5281/zenodo.13626561.

Full text
Abstract:
<em>This paper provides a unique approach to client- based HTTP proxy attack detection using a Dynamic Spatiotem- poral Behavior Analysis (DSTBA) algorithm. Traditional meth- ods often lack adaptability to sophisticated cyberattacks. DSTBA addresses this by dynamically adjusting detection thresholds based on real-time analysis of spatial (network node distribution and interaction) and temporal (request timing and frequency) behavior patterns. This integration with machine learning tech- niques enhances attack identification accuracy while minimizing false positives. DSTBA&rsquo;s core strength
APA, Harvard, Vancouver, ISO, and other styles
32

Kalsey, Kiratpal Singh. "Vulnerability and Malware Detection." International Journal for Research in Applied Science and Engineering Technology 12, no. 11 (2024): 113–18. http://dx.doi.org/10.22214/ijraset.2024.64807.

Full text
Abstract:
The increasingly linked digital world oftoday has made cybersecurity a top priority. The rise in cyber dangers, notably vulnerabilities and malware, poses major risks to individuals, organizations, and governments. This review article offers a thorough analysis of the approachesand instruments currently in use for malware and vulnerability detection. It examines and contrasts several detection methods, such as machine learning techniques, static and dynamic analysis, and signature-based detection. The study also examines new developments in the sector, such as the application of big data analy
APA, Harvard, Vancouver, ISO, and other styles
33

Wadne, Vinod. "MOBILE BOTNET DETECTION: A Machine Learning Approach using SVM." International Journal for Research in Applied Science and Engineering Technology 13, no. 4 (2025): 2292–96. https://doi.org/10.22214/ijraset.2025.67807.

Full text
Abstract:
Mobile botnets have become a growing cybersecurity concern, leveraging infected Android devices for malicious activities such as DDoS attacks, phishing, and credential theft. Detecting these threats requires advanced techniques due to their evasive nature. This paper proposes a machine learning-based detection system utilizing Support Vector Machine (SVM) to classify applications as benign or malicious. The model extracts and analyses 342 static features from Android applications to identify anomalous behaviour. Evaluated in a real-world setting, the approach demonstrates high detection accura
APA, Harvard, Vancouver, ISO, and other styles
34

Wadne, Vinode. "Mobile BOTNET Detection: A Machine Learning Approach using SVM." International Journal for Research in Applied Science and Engineering Technology 13, no. 6 (2025): 1314–19. https://doi.org/10.22214/ijraset.2025.72385.

Full text
Abstract:
Mobile botnets have become a growing cybersecurity concern, leveraging infected Android devices for malicious activities such as DDoS attacks, phishing, and credential theft. Detecting these threats requires advanced techniques due to their evasive nature. This paper proposes a machine learning-based detection system utilizing Support Vector Machine (SVM) to classify applications as benign or malicious. The model extracts and analyses 342 static features from Android applications to identify anomalous behaviour. Evaluated in a real-world setting, the approach demonstrates high detection accura
APA, Harvard, Vancouver, ISO, and other styles
35

Li, Jinfeng. "Vulnerabilities Mapping based on OWASP-SANS: A Survey for Static Application Security Testing (SAST)." Annals of Emerging Technologies in Computing 4, no. 3 (2020): 1–8. http://dx.doi.org/10.33166/aetic.2020.03.001.

Full text
Abstract:
The delivery of a framework in place for secure application development is of real value for application development teams to integrate security into their development life cycle, especially when a mobile or web application moves past the scanning stage and focuses increasingly on the remediation or mitigation phase based on static application security testing (SAST). For the first time, to the author’s knowledge, the industry-standard Open Web Application Security Project (OWASP) top 10 vulnerabilities and CWE/SANS top 25 most dangerous software errors are synced up in a matrix with Checkmarx
APA, Harvard, Vancouver, ISO, and other styles
36

Elrowayati, Ali, and Ammar Fadeel. "SAST Tools and Manual Testing to Improve the Methodology of Vulnerability Detection in Web Applications." International Journal of Engineering & Information Technology (IJEIT) 12, no. 1 (2024): 79–83. http://dx.doi.org/10.36602/ijeit.v12i1.480.

Full text
Abstract:
Statically analyzing code during development is a common process of the development process, using Static Application Security Testing tools. SAST analyzes code without its execution and is also very fast compared to dynamic means and therefore focuses on a certain program part. However, the results of static analysis tools are not always accurate, either missing vulnerabilities or reporting false positives. This paper considers an evaluation of several SAST tools and an analysis of student code samples with known vulnerabilities, comparing manual analysis with the results of SAST tools. The r
APA, Harvard, Vancouver, ISO, and other styles
37

Umar, Kabir, Abu Bakar Sultan, Hazura Zulzalil, Novia Admodisastro, and Mohd Taufik Abdullah. "Comparing Web Vulnerability Scanners with a New Method for SQL Injection Vulnerabilities Detection and Removal EPSQLiFix." International Journal of Engineering & Technology 7, no. 4.31 (2018): 40–45. http://dx.doi.org/10.14419/ijet.v7i4.31.23338.

Full text
Abstract:
Web vulnerabilities have become a major threat to the security of information and services accessible via the internet. Dynamic analysis based Web Vulnerability Scanners (WVS) have been employed to facilitate detection of vulnerabilities, though, such scanners could not remove the detected vulnerabilities. Empirical evidences show that some existing static analysis techniques targeted both detection and removal of vulnerabilities. However, these techniques are not adequately effective – they report considerably large number of false positives and do not achieve fully automatic vulnerabilitie
APA, Harvard, Vancouver, ISO, and other styles
38

Ayyarrappan, Mariappan. "AI for Automated Code Reviews and Quality Assurance." International Scientific Journal of Engineering and Management 03, no. 11 (2024): 1–9. https://doi.org/10.55041/isjem02159.

Full text
Abstract:
Automated code reviews and continuous quality assurance are essential in modern software development. Yet, conventional static analysis tools often produce large volumes of warnings, failing to capture deeper structural or semantic flaws. With the rise of artificial intelligence (AI), novel solutions can now parse codebases and understand patterns beyond rule-based checks— reducing false positives, spotting anti-patterns, and offering guided refactoring suggestions. This paper discusses how AI techniques, such as language models and machine learning–based code analysis, can enhance automated c
APA, Harvard, Vancouver, ISO, and other styles
39

Onyedinma, Ebele G, Asogwa Doris C, and Onyenwe, Ikechukwu E. "Towards resilient malware detection: A hybrid framework leveraging static-dynamic features and ensemble models." World Journal of Advanced Engineering Technology and Sciences 15, no. 3 (2025): 634–39. https://doi.org/10.30574/wjaets.2025.15.3.0901.

Full text
Abstract:
Malware continues to evolve in complexity, often evading traditional detection methods through obfuscation, polymorphism, and zero-day exploits. To address these challenges, this study proposes a Hybrid Malware Detection Framework that integrates signature-based detection, static analysis, dynamic behavioural monitoring, and ensemble machine learning. The framework extracts both static features such as metadata and API imports, and dynamic behaviour patterns like file system activity, process creation, and network access, which are processed into a unified vector for classification. Ensemble m
APA, Harvard, Vancouver, ISO, and other styles
40

Hu, Huimin, Yingying Wang, Julia Rubin, and Michael Pradel. "An Empirical Study of Suppressed Static Analysis Warnings." Proceedings of the ACM on Software Engineering 2, FSE (2025): 290–311. https://doi.org/10.1145/3715729.

Full text
Abstract:
Scalable static analyzers are popular tools for finding incorrect, inefficient, insecure, and hard-to-maintain code early during the development process. Because not all warnings reported by a static analyzer are immediately useful to developers, many static analyzers provide a way to suppress warnings, e.g., in the form of special comments added into the code. Such suppressions are an important mechanism at the interface between static analyzers and software developers, but little is currently known about them. This paper presents the first in-depth empirical study of suppressions of static a
APA, Harvard, Vancouver, ISO, and other styles
41

Olabode, Olanrewaju O., and Adebola K. Ojo. "Enhancing the Detection of Debit Card Fraud Detection Using Logistic Regression and Random Forest Techniques." Journal of Advances in Mathematics and Computer Science 39, no. 10 (2024): 74–83. http://dx.doi.org/10.9734/jamcs/2024/v39i101936.

Full text
Abstract:
Debit card fraud is one of the major financial crimes globally, causing a very great financial losses for financial institutions and individuals. The traditional mode of fraud detection systems often struggles to keep with the latest change in fraud patterns, due to the dynamism of the criminals resulting in high rates of false positives. This project proposes an improved system based on machine learning models to accurately and effectively identify fraudulent transactions. With machine learning models, fraudulent activities can be monitored and identified in real time. It is able to adapt to
APA, Harvard, Vancouver, ISO, and other styles
42

Sun, Hao, Chao Su, Yue Wang, and Qingkai Zeng. "Improving the Accuracy of Integer Signedness Error Detection Using Data Flow Analysis." International Journal of Software Engineering and Knowledge Engineering 25, no. 09n10 (2015): 1573–93. http://dx.doi.org/10.1142/s0218194015400331.

Full text
Abstract:
Integer signedness errors can be exploited by adversaries to cause severe damages to computer systems. Despite the significant advances in automating the detection of integer signedness errors, accurately differentiating exploitable and harmful signedness errors from unharmful ones is an important challenge. In this paper, we present the design and implementation of SignFlow, an instrumentation-based integer signedness error detector to reduce the reports for unharmful signedness errors. SignFlow first utilizes static data flow analysis to identify unharmful integer sign conversions from the v
APA, Harvard, Vancouver, ISO, and other styles
43

Yenti, Sekar Olivia, Maison Maison, and Syaiful Syaiful. "Diagnosis Miskonsepsi Siswa MAN Insan Cendekia Jambi Pada Materi Fluida Statis dan Fluida Dinamis." Edu-Sains: Jurnal Pendidikan Matematika dan Ilmu Pengetahuan Alam 10, no. 1 (2022): 13–18. http://dx.doi.org/10.22437/jmpmipa.v10i1.20695.

Full text
Abstract:
Students' efforts in studying physics often encounter obstacles due to the assumption that physics is a difficult subject to understand and teaching physics tends to be less interesting, causing misconceptions. This study aims to identify the misconceptions experienced by students in static fluid and dynamic fluid materials through four-tier (four-tier) diagnostics. This study uses a quantitative description method, with respondents as many as 30 students of class XI MIA MAN Insan Cendekia Jambi. The results showed that the average misconception experienced by students was classified in the lo
APA, Harvard, Vancouver, ISO, and other styles
44

Nandeesha H D, Prasanna B T. "Optimized Data Processing and Genetic Algorithm based Feature Selection Method to Detect URL Phishing Attacks Using Reinforcement Learning." Journal of Information Systems Engineering and Management 10, no. 18s (2025): 204–12. https://doi.org/10.52783/jisem.v10i18s.2904.

Full text
Abstract:
Phishing is one of the major, continuously evolving cyber threats. Traditional approaches include Static Blacklist Filtering and Signature- Based Detection, suffering from a high rate of false positives and very limited adaptability to new phishing methods. To that end, RL-UPD proposes Dynamic Reinforcement Learning for Phishing Detection DRLPD and enhances data processing and feature selection through genetic algorithm while constantly updating detection parameters at runtime by reinforcement learning method. DRLPD learns new phishing trends, which raises the detection precision by 0.25%, cut
APA, Harvard, Vancouver, ISO, and other styles
45

Muske, Tukaram, and Alexander Serebrenik. "Survey of Approaches for Postprocessing of Static Analysis Alarms." ACM Computing Surveys 55, no. 3 (2023): 1–39. http://dx.doi.org/10.1145/3494521.

Full text
Abstract:
Static analysis tools have showcased their importance and usefulness in automated detection of defects. However, the tools are known to generate a large number of alarms which are warning messages to the user. The large number of alarms and cost incurred by their manual inspection have been identified as two major reasons for underuse of the tools in practice. To address these concerns plentitude of studies propose postprocessing of alarms: processing the alarms after they are generated. These studies differ greatly in their approaches to postprocess alarms. A comprehensive overview of the pos
APA, Harvard, Vancouver, ISO, and other styles
46

Dr., Suman Thapaliya, and Ravi Chandra Gurung Mr. "Mitigating Insider Threats and Data Breaches: Enhancing Data Loss Prevention Systems with Behavioral Analytics And NLP." International Journal of Multidisciplinary and Innovative Research 02, no. 01 (2025): 22–27. https://doi.org/10.5281/zenodo.14634504.

Full text
Abstract:
Insider threats and data breaches pose significant challenges to modern organizations, leading to substantial financial, reputational, and operational damage. Traditional Data Loss Prevention (DLP) systems, which rely on static rule-based mechanisms and keyword-based detection, often fail to address the complexities of evolving insider threats. Such systems struggle to detect subtle behavioral anomalies or obfuscated data exfiltration, leading to high false positives and overlooked malicious activities. This paper explores the integration of Behavioral Analytics and Natural Language Processing
APA, Harvard, Vancouver, ISO, and other styles
47

Ramaswamy, Mithilesh. "Early Detection of Hard-Coded Secrets in Software Development: A Multi-Method Approach Integrating Static Analysis, Entropy-Based Detection, and Machine Learning." International Scientific Journal of Engineering and Management 03, no. 12 (2024): 1–6. https://doi.org/10.55041/isjem0411.

Full text
Abstract:
The inadvertent inclusion of hard-coded secrets—such as API keys, passwords, and tokens—within source code poses significant security risks, potentially leading to unauthorized access and data breaches. Recent studies have highlighted the prevalence of this issue; for instance, GitGuardian's 2023 report revealed a 67% increase in detected hard-coded secrets compared to the previous year, with 10 million new secrets discovered in public GitHub commits in 2022. To address this escalating concern, our research proposes a comprehensive, multi-method approach that integrates static code analysis, e
APA, Harvard, Vancouver, ISO, and other styles
48

Maddula, Sai Sirisha. "Evaluating Current Techniques for Detecting Vulnerabilities in Ethereum Smart Contracts." Engineering International 11, no. 1 (2023): 59–72. http://dx.doi.org/10.18034/ei.v11i1.717.

Full text
Abstract:
Ethereum intelligent contract security must be guaranteed since these decentralized apps oversee large-scale financial transactions independently. To strengthen the dependability and credibility of Ethereum smart contracts, this paper assesses existing methods for finding weaknesses in them. The primary goals are to evaluate how well hybrid approaches, formal verification, dynamic analysis, and static analysis find vulnerabilities. Methodologically, a thorough assessment of available resources and instruments was carried out to evaluate the advantages and disadvantages of each approach. Import
APA, Harvard, Vancouver, ISO, and other styles
49

Li, Kaixuan, Yue Xue, Sen Chen, et al. "Static Application Security Testing (SAST) Tools for Smart Contracts: How Far Are We?" Proceedings of the ACM on Software Engineering 1, FSE (2024): 1447–70. http://dx.doi.org/10.1145/3660772.

Full text
Abstract:
In recent years, the importance of smart contract security has been heightened by the increasing number of attacks against them. To address this issue, a multitude of static application security testing (SAST) tools have been proposed for detecting vulnerabilities in smart contracts. However, objectively comparing these tools to determine their effectiveness remains challenging. Existing studies often fall short due to the taxonomies and benchmarks only covering a coarse and potentially outdated set of vulnerability types, which leads to evaluations that are not entirely comprehensive and may
APA, Harvard, Vancouver, ISO, and other styles
50

Jin, Lin, Shuai Hao, Haining Wang, and Chase Cotton. "Understanding the Practices of Global Censorship through Accurate, End-to-End Measurements." ACM SIGMETRICS Performance Evaluation Review 50, no. 1 (2022): 17–18. http://dx.doi.org/10.1145/3547353.3522640.

Full text
Abstract:
It is challenging to conduct a large scale Internet censorship measurement, as it involves triggering censors through artificial requests and identifying abnormalities from corresponding responses. Due to the lack of ground truth on the expected responses from legitimate services, previous studies typically require a heavy, unscalable manual inspection to identify false positives while still leaving false negatives undetected. In this paper, we propose Disguiser, a novel framework that enables end-to-end measurement to accurately detect the censorship activities and reveal the censor deploymen
APA, Harvard, Vancouver, ISO, and other styles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography