-
Gathering Cyber Threat Intelligence from Twitter Using Novelty Classification
Authors:
Ba Dung Le,
Guanhua Wang,
Mehwish Nasim,
Ali Babar
Abstract:
Preventing organizations from Cyber exploits needs timely intelligence about Cyber vulnerabilities and attacks, referred to as threats. Cyber threat intelligence can be extracted from various sources including social media platforms where users publish the threat information in real time. Gathering Cyber threat intelligence from social media sites is a time consuming task for security analysts that can delay timely response to emerging Cyber threats. We propose a framework for automatically gathering Cyber threat intelligence from Twitter by using a novelty detection model. Our model learns the features of Cyber threat intelligence from the threat descriptions published in public repositories such as Common Vulnerabilities and Exposures (CVE) and classifies a new unseen tweet as either normal or anomalous to Cyber threat intelligence. We evaluate our framework using a purpose-built data set of tweets from 50 influential Cyber security related accounts over twelve months (in 2018). Our classifier achieves the F1-score of 0.643 for classifying Cyber threat tweets and outperforms several baselines including binary classification models. Our analysis of the classification results suggests that Cyber threat relevant tweets on Twitter do not often include the CVE identifier of the related threats. Hence, it would be valuable to collect these tweets and associate them with the related CVE identifier for cyber security applications.
Submitted 4 September, 2019; v1 submitted 3 July, 2019;
originally announced July 2019.
-
Game theoretical modelling of network/cybersecurity
Authors:
Azhar Iqbal,
Lachlan J. Gunn,
Mingyu Guo,
M. Ali Babar,
Derek Abbott
Abstract:
Game theory is an established branch of mathematics that offers a rich set of mathematical tools for multi-person strategic decision making that can be used to model the interactions of decision makers in security problems who compete for limited and shared resources. This article presents a review of the literature in the area of game theoretical modelling of network/cybersecurity.
Submitted 19 October, 2019; v1 submitted 24 January, 2019;
originally announced January 2019.
-
Internet of Things Search Engine: Concepts, Classification, and Open Issues
Authors:
Nguyen Khoi Tran,
Quan Z. Sheng,
M. Ali Babar,
Lina Yao,
Wei Emma Zhang,
Schahram Dustdar
Abstract:
This article focuses on the complicated yet still relatively immature area of the Internet of Things Search Engines (IoTSE). It introduces related concepts of IoTSE and a model called meta-path to describe and classify IoTSE systems based on their functionality. Based on these concepts, we have organized the research and development efforts on IoTSE into eight groups and presented the representative works in each group. The concepts and ideas presented in this article are generated from an extensive structured study on over 200 works spanning over one decade of IoTSE research and development.
Submitted 7 December, 2018;
originally announced December 2018.
-
An Empirical Study of Architecting for Continuous Delivery and Deployment
Authors:
Mojtaba Shahin,
Mansooreh Zahedi,
Muhammad Ali Babar,
Liming Zhu
Abstract:
Recently, many software organizations have been adopting Continuous Delivery and Continuous Deployment (CD) practices to develop and deliver quality software more frequently and reliably. Whilst an increasing amount of the literature covers different aspects of CD, little is known about the role of software architecture in CD and how an application should be (re-) architected to enable and support CD. We have conducted a mixed-methods empirical study that collected data through in-depth, semi-structured interviews with 21 industrial practitioners from 19 organizations, and a survey of 91 professional software practitioners. Based on a systematic and rigorous analysis of the gathered qualitative and quantitative data, we present a conceptual framework to support the process of (re-) architecting for CD. We provide evidence-based insights about practicing CD within monolithic systems and characterize the principle of "small and independent deployment units" as an alternative to the monoliths. Our framework supplements the architecting process in a CD context through introducing the quality attributes (e.g., resilience) that require more attention and demonstrating the strategies (e.g., prioritizing operations concerns) to design operations-friendly architectures. We discuss the key insights (e.g., monoliths and CD are not intrinsically oxymoronic) gained from our study and draw implications for research and practice.
Submitted 27 August, 2018;
originally announced August 2018.
-
Architectural Tactics for Big Data Cybersecurity Analytic Systems: A Review
Authors:
Faheem Ullah,
M. Ali Babar
Abstract:
Context: Big Data Cybersecurity Analytics is aimed at protecting networks, computers, and data from unauthorized access by analysing security event data using big data tools and technologies. Whilst a plethora of Big Data Cybersecurity Analytic Systems have been reported in the literature, there is a lack of a systematic and comprehensive review of the literature from an architectural perspective. Objective: This paper reports a systematic review aimed at identifying the most frequently reported quality attributes and architectural tactics for Big Data Cybersecurity Analytic Systems. Method: We used Systematic Literature Review (SLR) method for reviewing 74 primary studies selected using well-defined criteria. Results: Our findings are twofold: (i) identification of 12 most frequently reported quality attributes and the justification for their significance for Big Data Cybersecurity Analytic Systems; and (ii) identification and codification of 17 architectural tactics for addressing the quality attributes that are commonly associated with Big Data Cybersecurity Analytic systems. The identified tactics include six performance tactics, four accuracy tactics, two scalability tactics, three reliability tactics, and one security and usability tactic each. Conclusion: Our findings have revealed that (a) despite the significance of interoperability, modifiability, adaptability, generality, stealthiness, and privacy assurance, these quality attributes lack explicit architectural support in the literature (b) empirical investigation is required to evaluate the impact of codified architectural tactics (c) a good deal of research effort should be invested to explore the trade-offs and dependencies among the identified tactics and (d) there is a general lack of effective collaboration between academia and industry for supporting the field of Big Data Cybersecurity Analytic Systems.
Submitted 9 February, 2018;
originally announced February 2018.
-
Periodic orbits around a spherically symmetric naked singularity
Authors:
Gulmina Zaman Babar,
Adil Zaman Babar,
Yen-Kheng Lim
Abstract:
The motion of time-like test particles in the Fisher/Janis-Newman-Winicour (F/JNW) spacetime is studied with the Hamiltonian formulation of the geodesic equations. The spacetime is characterised by its mass parameter $r_g$ and scalar field parameter $ν$. The innermost bound and stable circular orbits are calculated and the effective potential is analysed. Consistent with numerical results in earlier literature, for $ν<1/2$, particles with non-zero angular momentum encounter an infinite potential barrier, preventing them from reaching the naked singularity at $r=r_g$. Periodic orbits in the spacetime are also obtained. Compared to the periodic orbits around the Schwarzschild black hole, it is found that typically lower energies are required for the same orbits in the F/JNW spacetime.
Submitted 26 October, 2017;
originally announced October 2017.
-
Understanding the Heterogeneity of Contributors in Bug Bounty Programs
Authors:
Hideaki Hata,
Mingyu Guo,
M. Ali Babar
Abstract:
Background: While bug bounty programs are not new in software development, an increasing number of companies, as well as open source projects, rely on external parties to perform the security assessment of their software for reward. However, there is relatively little empirical knowledge about the characteristics of bug bounty program contributors. Aim: This paper aims to understand those contributors by highlighting the heterogeneity among them. Method: We analyzed the histories of 82 bug bounty programs and 2,504 distinct bug bounty contributors, and conducted a quantitative and qualitative survey. Results: We found that there are project-specific and non-specific contributors who have different motivations for contributing to the products and organizations. Conclusions: Our findings provide insights to make bug bounty programs better and for further studies of new software development roles.
Submitted 18 September, 2017;
originally announced September 2017.
-
Continuous Integration, Delivery and Deployment: A Systematic Review on Approaches, Tools, Challenges and Practices
Authors:
Mojtaba Shahin,
Muhammad Ali Babar,
Liming Zhu
Abstract:
Context: Continuous practices, i.e., continuous integration, delivery, and deployment, are the software development industry practices that enable organizations to frequently and reliably release new features and products. With the increasing interest in and literature on continuous practices, it is important to systematically review and synthesize the approaches, tools, challenges, and practices reported for adopting and implementing continuous practices. Objective: This research aimed at systematically reviewing the state of the art of continuous practices to classify approaches and tools, identify challenges and practices in this regard, and identify the gaps for future research. Method: We used systematic literature review (SLR) method for reviewing the peer-reviewed papers on continuous practices published between 2004 and 1st June 2016. We applied thematic analysis method for analysing the data extracted from reviewing 69 papers selected using predefined criteria. Results: We have identified thirty approaches and associated tools, which facilitate the implementation of continuous practices in the following ways: (1) "reducing build and test time in continuous integration (CI)"; (2) "increasing visibility and awareness on build and test results in CI"; (3) "supporting (semi-) automated continuous testing"; (4) "detecting violations, flaws and faults in CI"; (5) "addressing security and scalability issues in deployment pipeline", and (6) "improving dependability and reliability of deployment process". We have also determined a list of critical factors such as "testing (effort and time)", "team awareness and transparency", "good design principles", "customer", "highly skilled and motivated team", "application domain", and "appropriate infrastructure" that should be carefully considered when introducing continuous practices in a given organization.
Submitted 20 March, 2017;
originally announced March 2017.
-
Security Support in Continuous Deployment Pipeline
Authors:
Faheem Ullah,
Adam Johannes Raft,
Mojtaba Shahin,
Mansooreh Zahedi,
Muhammad Ali Babar
Abstract:
Continuous Deployment (CD) has emerged as a new practice in the software industry to continuously and automatically deploy software changes into production. Continuous Deployment Pipeline (CDP) supports CD practice by transferring the changes from the repository to production. Since most of the CDP components run in an environment that has several interfaces to the Internet, these components are vulnerable to various kinds of malicious attacks. This paper reports our work aimed at designing secure CDP by utilizing security tactics. We have demonstrated the effectiveness of five security tactics in designing a secure pipeline by conducting an experiment on two CDPs - one incorporates security tactics while the other does not. Both CDPs have been analyzed qualitatively and quantitatively. We used assurance cases with goal-structured notations for qualitative analysis. For quantitative analysis, we used penetration tools. Our findings indicate that the applied tactics improve the security of the major components (i.e., repository, continuous integration server, main server) of a CDP by controlling access to the components and establishing secure connections.
Submitted 13 March, 2017;
originally announced March 2017.
-
Applying empirical software engineering to software architecture: challenges and lessons learned
Authors:
Davide Falessi,
Muhammad Ali Babar,
Giovanni Cantone,
Philippe Kruchten
Abstract:
In the last 15 years, software architecture has emerged as an important software engineering field for managing the development and maintenance of large, software-intensive systems. Software architecture community has developed numerous methods, techniques, and tools to support the architecture process (analysis, design, and review). Historically, most advances in software architecture have been driven by talented people and industrial experience, but there is now a growing need to systematically gather empirical evidence about the advantages or otherwise of tools and methods rather than just rely on promotional anecdotes or rhetoric. The aim of this paper is to promote and facilitate the application of the empirical paradigm to software architecture. To this end, we describe the challenges and lessons learned when assessing software architecture research that used controlled experiments, replications, expert opinion, systematic literature reviews, observational studies, and surveys. Our research will support the emergence of a body of knowledge consisting of the more widely-accepted and well-formed software architecture theories.
Submitted 21 January, 2017;
originally announced January 2017.
-
Software Architectures for Robotics Systems: A Systematic Mapping Study
Authors:
Aakash Ahmad,
Muhammad Ali Babar
Abstract:
Software architecture related issues are important for robotic systems. Architecture centric development and evolution of software for robotic systems has been attracting researchers' attention for more than two decades. The objective of this work is to systematically identify, taxonomically classify and holistically map existing solutions, research progress and trends that influence architecture-driven modeling, development and evolution of robotic software. We carried out a Systematic Mapping Study to identify and analyze the relevant literature based on 56 peer-reviewed papers. We extract and synthesize the data from selected papers to taxonomically classify the existing research and systematically map the solutions, frameworks, notations and evaluation methods to highlight the role of software architecture in robotic systems. We have identified eight distinct research themes that support architectural solutions to enable operations, evolution and development specific activities of robotic software. The research in this area has progressed from object oriented to component based and now to service driven robotics representing different architectural generations. The reported solutions have exploited model-driven, service oriented and reverse engineering techniques since 2005. An emerging trend is cloud robotics that exploits the foundations of service driven architectures to support an interconnected web of robots. The results of this SMS facilitate knowledge transfer, benefiting researchers and practitioners, focused on exploiting software architecture to model, develop and evolve robotic systems.
Submitted 19 January, 2017;
originally announced January 2017.
-
Exploring Practitioner Perspectives of Sourcing Risks: Towards the Development of an Integrated Risk and Control Framework
Authors:
Deborah Bunker,
Catherine Hardy,
Abdul Babar,
Ken Stevens
Abstract:
Outsourcing of information and communication technologies (ICT) and related services is an established and growing industry. Recent trends, such as the move toward multi-sourcing have increased the complexity and risk of these outsourcing arrangements. There is a critical research need to identify the risks faced by both the organisations that outsource ICT and the vendors that provide it in this changing landscape. To address growing concerns regarding the best way to deal with risk and control in this environment, our research focuses on establishing a Sourcing Risk and Control Framework to assist organisations identify these risks and develop effective mitigation strategies. In this paper we report on the first stage of our research that sought to document how sourcing risk is represented and considered in practice. To date, limited empirical research has been conducted in an Australian context. Using a series of workshops involving client and vendor representatives, we identified a broad range of risks and developed a cohesive categorisation scheme that incorporates functional and multi-stakeholder perspectives.
Submitted 8 June, 2016;
originally announced June 2016.
-
mSCTP Based Decentralized Mobility Framework
Authors:
Waqas Ahmed Imtiaz,
Muhammad Afaq,
Muhammad Asmatullah Khan Babar
Abstract:
To conceive the full potential of wireless IP services, Mobile Nodes (MNs) must be able to roam seamlessly across different networks. Mobile Stream Control Transmission Protocol (mSCTP) is a transport layer solution, which unlike Mobile IP (MIP), provides seamless mobility with minimum delay and negligible packet loss. However, mSCTP fails to locate the current IP address of the mobile node when Correspondent Node (CN) wants to initiate a session. In this paper, we propose DHT Chord to provide the required location management. Chord is a P2P algorithm, which can efficiently provide the IP address of the called MN by using its key-value mapping. The proposed decentralized mobility framework collectively exploits the multihoming feature of mSCTP, and efficient key-value mapping of chord to provide seamless mobility. Suitability of the framework is analyzed by preliminary analysis of chord lookup efficiency, and mSCTP handover procedure using overlay weaver and NS-2. Performance analysis shows that mSCTP multihoming feature and Chord efficient key-value mapping can provide a non-delayed, reliable, and an efficient IP handover solution.
Submitted 2 March, 2013;
originally announced March 2013.