Secure Arcade: A Gamified Defense Against Cyber Attacks
Authors:
Sean Loesch,
Ryan Hrastich,
Jordan Herbert,
Ben Drangstveit,
Jacob Weber,
Mounika Vanamala
Abstract:
In modernity, we continually receive increasingly intricate technologies that allow us to increase our lives convenience and efficiency. Our technology, particularly technology available over the internet, is advancing at unprecedented speed. However, this speed of advancement allows those behind malicious attacks to have an increasingly easier time taking advantage of those who know little about…
▽ More
In modernity, we continually receive increasingly intricate technologies that allow us to increase our lives convenience and efficiency. Our technology, particularly technology available over the internet, is advancing at unprecedented speed. However, this speed of advancement allows those behind malicious attacks to have an increasingly easier time taking advantage of those who know little about computer security. Unfortunately, education in the computer security field is generally limited only to tertiary education. This research addresses this problem through a gamified web-based application that drives users to reach learning goals to help them become more vigilant internet users: 1. Learn and memorize general computer security terminology, 2. Become familiar with basic cryptography concepts, 3. Learn to recognize potential phishing scams via email quickly, and 4. Learn common attacks on servers and how to deal with them.
△ Less
Submitted 1 November, 2023;
originally announced November 2023.
Using Machine Learning To Identify Software Weaknesses From Software Requirement Specifications
Authors:
Mounika Vanamala,
Sean Loesch,
Alexander Caravella
Abstract:
Secure software engineering is crucial but can be time-consuming; therefore, methods that could expedite the identification of software weaknesses without reducing the process efficacy would benefit the software engineering industry and thus benefit modern life. This research focuses on finding an efficient machine learning algorithm to identify software weaknesses from requirement specifications.…
▽ More
Secure software engineering is crucial but can be time-consuming; therefore, methods that could expedite the identification of software weaknesses without reducing the process efficacy would benefit the software engineering industry and thus benefit modern life. This research focuses on finding an efficient machine learning algorithm to identify software weaknesses from requirement specifications. The research uses the CWE repository and PROMISE exp dataset for training. Keywords extracted using latent semantic analysis help map the CWE categories to PROMISE_exp. Naive Bayes, support vector machine (SVM), decision trees, neural network, and convolutional neural network (CNN) algorithms were tested, with SVM and neural network producing reliable results. The research is unique contribution lies in the map** technique and algorithm selection. It serves as a valuable reference for the secure software engineering community seeking to expedite the development lifecycle without compromising efficacy. Future work involves testing more algorithms, optimizing existing ones, and improving the training sets accuracy.
△ Less
Submitted 10 August, 2023;
originally announced August 2023.