Volume II,  Issue III,  April 2013

Accepted Articles Information  
  1. Constructing Attack Scenario using Sequential Pattern Mining with Correlated Candidate Sequences

    Authors:  Fatmah A. Bahareth and Omaima O. Bamasak

     

    Abstract:

    With the rise of cyber attacks, the amount of audited security data such as alerts produced from Intrusion Detection Systems (IDSs) has increased dramatically. The analysis and management of these massive amounts of alerts have become a critical and challenging issue. Alert correlation is a very useful approach to reduce the volume of alerts and discover multi-stage attack scenarios. In this paper we propose a framework to recognize multi-stage attack scenarios with their associated severity level in real time. A sequential mining algorithm is used to discover attack patterns and predict upcoming attacks. To improve the accuracy of generated patterns, we incorporated candidate verification that calculates alert correlativity while generating candidate attack sequences. Simultaneously, the framework identifies the severity rank of discovered multi-stage attack scenarios.

    FullText

  2. On Evaluating the Architecture of ERP systems

    Authors:  Basem Y. Alkazemi, Abdullah Baz, Yasir A. Khayat, and Grami M. Grami

     

    Abstract:

    The architectural aspects of software systems are not typically explained to customers when a product is presented by respective vendors. One immediate downfall customers may face is when new business needs require modification of the core business processes within their organizations. In some cases, they might need to replace the entire systems or re-architect old ones to comply with new architectural standards. This paper describes a proposed framework that helps organizations envisage a comprehensive view of their system architecture to help make informed decisions. Organizations that fall under this category can benefit from the reference model which facilitates the negotiation and communication tasks with software vendors. The paper applies the proposed framework to an organization in Saudi Arabia to validate its applicability and generates an architectural design for their software systems.

    FullText

  3. Dependency Graph and Metrics for Defects Prediction

    Authors:  Hesham Abandah, and Izzat Alsmadi

     

    Abstract:

    Software defects prediction was introduced to support development and maintenance activities and improve the software quality. Reliable defect predictors can significantly optimize the utilization of software project resources and increase customers' confidence in the developed software products. In this paper, three different classifiers (LMT, SMO and J48) are used to study the relations between dependency collected metrics and bugs collected for the software under study. ANT open source software is used in this case study. The selection of this open source software was related to the availability of source code and bug reports. Results varied between the three classifiers and showed J48 to be the best classifier in terms of predicting such correlation between dependency metrics and defects. In general, the three classifiers showed that there is a highly significant correlation between proposed and evaluated dependency metrics and software defects, which showed that they can be used as important early predictors for the software quality in general.

    FullText

  4. Infeasible Paths Detection Using Static Analysis

    Authors:  Burhan Barhoush, and Izzat Alsmadi

     

    Abstract:

    Software testing is the process that aims to detect the errors in the software product by using test cases, and to discover the components of the software that are responsible for these errors. The testers need to ensure that every component of the software is tested correctly in order to achieve high coverage in terms of testing one or more of the software aspects such as: code, user interface, etc. Many coverage aspects were proposed in the testing research field such as node, edge, edge-pair coverage, prime path coverage, etc. By reading many of these studies, we can notice that they propose many solutions for detecting and discovering infeasible paths. An infeasible path is simply any path that cannot be traversed by test cases. Some of the causes of the infeasible paths are dead codes, correlated predicates with respect to a certain variable (which is one of the main reasons for infeasibility in the software programs) or according to the test cases themselves. In this paper, a tool is developed to automatically detect the infeasible paths that may exist in source code and that are caused by the logically inconsistent predicates related to dead codes, and by the correlated conditional statements with respect to a certain variable. Our application tool is evaluated against four source codes, and the experimental results showed that the tool can effectively detect infeasible paths except in the source codes that contain while loop structures.

    FullText

  5. The specifications of E-Commerce Secure System using Z language

    Authors: Mustafa M. Noaman, Izzat Alsmadi, and Ameera S. Jaradat

    Abstract:

    This paper uses formal methods to improve the security of the e-commerce system specifications and reduce the number of security threats to the minimum. The result shows the effectiveness of using formal methods for empowering e-commerce security. Z specification language is used to design the e-commerce system & specify security constraints. Besides, Z/EVES formal methods tool is considered for demonstrating our work.

    FullText

  6. Information Security Audit in Virtual Environment

    Authors: Ramalingam Dharmalingam, Arun Nagarle Shivashankarappa, Leonid Smalov, and Anbazhagan Neelamegham

    Abstract:

    Audit is a mandatory component of contemporary IT environment due to increase in regulatory mandates, contractual obligations, and other compliance requirements. Virtualization has gained immense popularity due to its economic benefits and other characteristics such as scalability, availability and high performance. However, auditing in virtual environment has become complex due to the creation of abstractions that change the dynamics of architecture, administrator privileges and system separation. Due to the immaturity of standards and frameworks for auditing in virtual environment, auditors are unaware of the clear process to perform a comprehensive audit for attestation. Hence, in this article, the authors have proposed an audit process and framework for a successful audit in virtual environment.

    FullText

  7. Intelligent Parsing and Grammatical Inference A Knowledge-Based Approach   

    Authors: Chafia Kara-Mohamed (alias Hamdi-Cherif), and Aboubekeur Hamdi-Cherif

    Abstract:

    Starting from first principles, we have designed a rule-based first-order logic (FOL) knowledge-based system (KBS), called EXPARS, and coupled it with an original inductive learning module for the purpose of grammatical inference. While we stress the flexibility of the KBS approach as applied to parsing, we also raise the issues imposed by such a coupling. The interaction between EXPARS and the learning module contributes to the learning of one grammar from positive examples. The proposed approach represents a contribution towards the design of future intelligent parsers.

    FullText