Analysis of Code Vulnerabilities in Repositories of GitHub and Rosettacode: A comparative Study

Malik, Abdul; Naveed, Muhammad Shumail

doi:10.33411/ijist/2022040219

Cited by 4 publications

(2 citation statements)

References 23 publications

(22 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Based on the research gap and requirements, we have worked on generating a new feasible dataset that fulfills the requirement of a researcher who wants to test their IDS on a realistic dataset. The generated dataset is publicly available for users on GitHub [50] [51]. Moreover, we have provided complete detailed methods which help analysts to generate their new dataset based on their needs and objectives.…”

Section: 𝑇𝑃 𝑇𝑃 + 𝐹𝑃mentioning

confidence: 99%

Analyzing ML-Based IDS over Real-Traffic

Siyyal

Khuawar

Saba

et al. 2022

IJIST

View full text Add to dashboard Cite

The rapid growth of computer networks has caused a significant increase in malicious traffic, promoting the use of Intrusion Detection Systems (IDSs) to protect against this ever-growing attack traffic. A great number of IDS have been developed with some sort of weaknesses and strengths. Most of the development and research of IDS is purely based on simulated and non-updated datasets due to the unavailability of real datasets, for instance, KDD '99, and CIC-IDS-18 which are widely used datasets by researchers are not sufficient to represent real-traffic scenarios. Moreover, these one-time generated static datasets cannot survive the rapid changes in network patterns. To overcome these problems, we have proposed a framework to generate a full feature, unbiased, real-traffic-based, updated custom dataset to deal with the limitations of existing datasets. In this paper, the complete methodology of network testbed, data acquisition and attack scenarios are discussed. The generated dataset contains more than 70 features and covers different types of attacks, namely DoS, DDoS, Portscan, Brute-Force and Web attacks. Later, the custom-generated dataset is compared to various available datasets based on seven different factors, such as updates, practical-to-generate, realness, attack diversity, flexibility, availability, and interoperability. Additionally, we have trained different ML-based classifiers on our custom-generated dataset and then tested/analyzed it based on performance metrics. The generated dataset is publicly available and accessible by all users. Moreover, the following research is anticipated to allow researchers to develop effective IDSs and real traffic-based updated datasets.

show abstract

Section: 𝑇𝑃 𝑇𝑃 + 𝐹𝑃mentioning

confidence: 99%

Analyzing ML-Based IDS over Real-Traffic

Siyyal

Khuawar

Saba

et al. 2022

IJIST

View full text Add to dashboard Cite

show abstract

“…The collaborative R&D takes the software development process as the core collaborates and integrates elements related to the R&D process, such as projects, tasks, methods, standards, tools, and data resources, providing a multi-stage, interdisciplinary and cross-departmental information collaboration environment for the R&D department, supporting the efficient and smooth development of R&D activities, shortening the R&D cycle, and ensuring R&D quality. However, the collaborative research and development mode faces security risks such as identity impersonation, illegal access, unauthorized access, and information leakage, directly threatening the security of business systems and code repositories [1]. The traditional security solution is to set up an isolated authentication area on the boundary of the enterprise for authentication and access control, divide the network with internal and external network interconnection requirements into the internal network and external network, and identify the intranet as a trusted domain.…”

Section: Introductionmentioning

confidence: 99%

Zero trust-based federated autonomous technology for code repository

Wang,

Shen,

Zhao

et al. 2024

International Conference on Computer Network Security and Software Engineering (CNSSE 2024)

View full text Add to dashboard Cite

Enhancing Security Awareness and Education for LLMs

Panichella

2024

Large Language Models in Cybersecurity

View full text Add to dashboard Cite

Large Language Models (LLMs) have gained widespread use in multiple applications, making end-user education and training a vital security component. Education involves creating awareness of the security concerns related to LLMs, such as data privacy concerns, bias, and cyberattacks, to encourage ethical and responsible use. Training can teach users to detect and mitigate security threats, configure security settings, and perform regular system updates to prevent vulnerabilities.

show abstract

Analysis of Code Vulnerabilities in Repositories of GitHub and Rosettacode: A comparative Study

Cited by 4 publications

References 23 publications

Analyzing ML-Based IDS over Real-Traffic

Analyzing ML-Based IDS over Real-Traffic

Zero trust-based federated autonomous technology for code repository

Enhancing Security Awareness and Education for LLMs

Contact Info

Product

Resources

About