Journal of Internet Services and Information Security最新文献

{"title":"A Proposed Technical Debt Management Approach Applied on Software Projects in Egypt","authors":"Abeer Salah Eldeen Hamed, H. Elbakry, Alaa Eldin Riad, R. Moawad","doi":"10.58346/jisis.2023.i3.010","DOIUrl":"https://doi.org/10.58346/jisis.2023.i3.010","url":null,"abstract":"Technical Debt (TD) is a metaphor that can be described as the technical issues that are hidden from end users and customers, but in fact hinder the development efforts during system evolution and future enhancements. Due to tight budgets and timelines, TD is frequently incurred, which may lead to technical, financial, and quality issues that make future maintenance more costly or impossible. While business professionals concentrate on external issues related to customer satisfaction, in fact they rarely pay attention to internal software quality defects and maintenance, which would rather cause future interest payments. In this research study, we propose a TD management (TDM) approach with best practices developed using Design Science Research (DSR) and conducted with multiple case studies for the software development team in Small and Medium Enterprises (SMEs). The study demonstrates that the proposed approach for measuring the impact of internal / external software quality leads to increased awareness of TD’s occurrence and thereby provides processes for preventing, identifying, prioritizing, monitoring, and repaying TD to satisfy both customer value and technical requirements, along with halting project failures and cost overruns. In actuality, applying our proposed TDM approach leads to a deeper comprehension of TD contraction in selected software companies, improved team morale and motivation, as well as an enhancement in its maintainability.","PeriodicalId":36718,"journal":{"name":"Journal of Internet Services and Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"47438902","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Deception-based Method for Ransomware Detection","authors":"TaeGuen Kim","doi":"10.58346/jisis.2023.i3.012","DOIUrl":"https://doi.org/10.58346/jisis.2023.i3.012","url":null,"abstract":"Ransomware is a rapidly growing malware threat that encrypts a user's files and demands a ransom for the decryption key. It has caused significant financial harm worldwide and is difficult to detect, especially when it's a new, unknown zero-day ransomware. Most commercial antivirus software relies on signature-based detection, which can be slow and inadequate for swiftly identifying suspicious programs. To tackle these challenges, this paper presents a ransomware protection method utilizing decoy files. Our deception-based protection method enhances ransomware detection with a fair decoy deployment strategy. Our method offers the advantage of robustly detecting ransomware compared to existing deception-based methods. Furthermore, it can effectively address ransomware that employs random access attacks, thereby bypassing deception-based detection techniques. In the evaluation, we provide a comprehensive analysis of our experimental results to vividly demonstrate the efficacy of our proposed method. Specifically, we introduce a random-access attack scenario that could potentially circumvent deception-based protection mechanisms. Furthermore, we assess the resilience of our method against such random-access attacks.","PeriodicalId":36718,"journal":{"name":"Journal of Internet Services and Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-08-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136242464","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"IOT-Based Generic Health Monitoring with Cardiac Classification Using Edge Computing","authors":"Dr.K. Vimal Kumar Stephen, Mathivanan Dr.V., Antonio Rutaf Manalang, Prajith Udinookkaran, Rudiardo Percival Niñalga De Vera, Mohammed Tariq Shaikh, Faiza Rashid Ammar Al-Harthy","doi":"10.58346/jisis.2023.i2.008","DOIUrl":"https://doi.org/10.58346/jisis.2023.i2.008","url":null,"abstract":"Background: The current environment of modern computation can offer a smart healthcare monitoring for the early prediction of disease detection. For the domain of healthcare services, the Internet of Things (IoT) has a vital role, and also aids in the enhancement of the data’s processing as well as predictions. The transfer of data or reports from one location to another will consume a lot of energy as well as time, and also does result in issues of high energy as well as latency. With edge computing, the disadvantages can be easily resolved. Objectives: This work presents a Convolutional Neural Network (CNN)-based model of prediction which employs edge computing as well as IoT paradigms. The term edge computing will refer to a distributed environment framework that facilitates swift resource accessibility and response times by means of the local edge servers for processing at the end of the IoT devices. With this model, there can be an analysis of the health data which has been gathered by the IoT devices. Additionally, the edge devices will employ the edge servers for offering the patients as well as the doctors health-prediction reports in a timely manner. Methods: This work has proposals of an optimized CNN with Tabu Search (TS), Artificial Bee Colony (ABC) as well as the hybrid TS-ABC algorithms. Results: Analysis of these proposed algorithms is done with the parameters of performance such as the rate of error and the accuracy. Also, these algorithms’ simulated outcomes have been able to demonstrate their superior performance in comparison to the other technologically advanced approaches.","PeriodicalId":36718,"journal":{"name":"Journal of Internet Services and Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45533513","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Dynamic Inertia Weight Particle Swarm Optimization for Anomaly Detection: A Case of Precision Irrigation","authors":"Mohamed El Bekri","doi":"10.58346/jisis.2023.i2.010","DOIUrl":"https://doi.org/10.58346/jisis.2023.i2.010","url":null,"abstract":"Anomaly-based Intrusion Detection System (IDS) is a type of IDS that detects abnormal behaviors by analyzing system activity and network traffic. Anomaly-based IDS works by establishing a baseline of normal behavior for a system or a network. However, these types of systems are less used compared to signature-based IDS for one primary challenge: How to define this normal behavior baseline? The answer to this question is complicated, since it involves not only analyzing or learning from historical data, but requires and understanding of the business domain the system is implemented in. The present study proposes a novel approach to constructing an unsupervised data classifier that combines both Particle Swarm Optimization (PSO) and clustering techniques for anomaly detection. The primary objective of this methodology is to surmount the limitations that conventional clustering algorithms suffer from, such as their inability to identify non-linear patterns within the data, susceptibility to initial conditions, and difficulty in overcoming the problem of local optima. The concept of particle systems is discussed by examining their origins, search strategies, and convergence mechanisms. We use a variant of the Particle Swarm Optimization called Dynamic Inertia Weight-Particle Swarm optimization (DIW-PSO) for our clustering process, and we elaborate on the reasoning behind this decision. Subsequently, we describe the labeling algorithm used for the resulting clusters and we explain the process for identifying anomalous clusters. We have demonstrated the effectiveness of our method by applying it to an intelligent irrigation control system for cotton plants. The results show that our classifier was able to accurately detect abnormal patterns that deviated from the optimal water requirements and growth conditions of the plants.","PeriodicalId":36718,"journal":{"name":"Journal of Internet Services and Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48313690","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"IoT Cloud System Based Dual Axis Solar Tracker Using Arduino","authors":"Laith Abdul Raheem Al anzy, Ahmed A. Abdullah, Ali Kahtan Lilo Aquraishi","doi":"10.58346/jisis.2023.i2.012","DOIUrl":"https://doi.org/10.58346/jisis.2023.i2.012","url":null,"abstract":"Because of the urgent need for electricity and the shortage of it, humanity has searched for the most environmentally friendly and well-available types of energy. From the different types of energy that comes from the sun, wind, tides, hydro and thermal energy that emanates from the earth and is spontaneously replenished naturally, the focus has been on solar energy. Which represents the best source of energy as it is naturally available in life and does not cause any damage or pollution in particular to nature and life. Not to mention after-math effects. This project led to the development of a two-axis solar tracker with the Internet of Things (IoT) or cloud platform. The solar system improves the performance of the solar panels due to following and the sun's mobility. Four light-dependent resistors (LDRs) were used to detect sunlight and the maximum intensity of the light, two servo motors have been utilized to rotate the panels based on sunlight detection by the LDR, after that, we use the WiFi as an intermediary between the Arduino device and the cloud platform. The cloud represents the final destination for the data to be stored, manipulated and processed.","PeriodicalId":36718,"journal":{"name":"Journal of Internet Services and Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44304116","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"RSA Prime Factorization on IBM Qiskit","authors":"Matthew Evans Audric Rengkung, Arya Wicaksana","doi":"10.58346/jisis.2023.i2.013","DOIUrl":"https://doi.org/10.58346/jisis.2023.i2.013","url":null,"abstract":"The advancement of quantum computing in recent years poses severe threats to the RSA public-key cryptosystem. The RSA cryptosystem fundamentally relies its security on the computational hardness of number theory problems: prime factorization (integer factoring). Shor’s quantum factoring algorithm could theoretically answer the computational problem in polynomial time. This paper contributes to the experiment and demonstration of Shor’s quantum factoring algorithm for RSA prime factorization using IBM Qiskit. The performance of the quantum program is evaluated based on user time and the success probability. The results show that a more significant public modulus N in the RSA public key improves factorization’s computational hardness, requiring more quantum bits to solve. A further enhancement on implementing Shor’s oracle function is essential in increasing success probability and reducing the number of shots required.","PeriodicalId":36718,"journal":{"name":"Journal of Internet Services and Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"43393081","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Fine Grained Analysis of Intention for Social Media Reviews Using Distance Measure and Deep Learning Technique","authors":"Akila R, R. S","doi":"10.58346/jisis.2023.i2.003","DOIUrl":"https://doi.org/10.58346/jisis.2023.i2.003","url":null,"abstract":"Intent analysis and classification are performed to identify the expressions of intent in the given text. In this paper, the dataset is classified into emotion classifications by utilizing machine learning model SVM, Bipolar classification, Fine Grained Analysis, and Sarcasm detection, with Naïve Bayes and Random Forest techniques of deep learning, including Long Short-Term Memory to perform intention analysis on social media data. Then Fine-grained or Multi-Class Sentiment analysis is used for further classification of the five classes, viz. negative, strong negative, neutral, positive, and strong positive, which detects the sarcastic reviews in the movie dataset. The emotional intention behind the review comments is classified as happiness, rage, sadness, joy, anger, and disgust by using SVM. The reviews are analyzed and calculated based on their subjectivity and context level similarity using Related Relaxed Word Mover Distance (RRWMD) semantic similarity measure. With the advantage of the RRWMD algorithm, the reviews from the context containing deviated or irrelevant contents were removed before being applied to the classification algorithms, thereby reducing the execution time, which obtains a 3% improvement in accuracy. The disadvantage of the RRWMD algorithm is only one deep learning algorithm is compared. From the observed accuracy scores and classification reports, the LSTM has provided higher accuracy, despite the long execution time. The Naïve Bayes model has produced lower accuracy than the neural network model but was efficient, taking less time to fit and classify. The results from various experiments have proven that the semantic similarity measure provides more accurate results than the state-of-the-art model.","PeriodicalId":36718,"journal":{"name":"Journal of Internet Services and Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42274759","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Semantic Annotation Based Effective and Quality Oriented Web Service Discovery","authors":"J. B. Merin, Dr.W. Aisha Banu, K. F. S. Shalin","doi":"10.58346/jisis.2023.i2.006","DOIUrl":"https://doi.org/10.58346/jisis.2023.i2.006","url":null,"abstract":"The main objective of this work is to design an effective web service discovery engine that retrieves the best matching results based on the measure of syntactic cum semantic similarity between the user query and the web service to be fetched. The idea is to draw bridges across the broad spectrum of lexical entities based on their relativeness. The essence of this work could be extended to support a wide range of applications from ‘being inculcated in search engines to fetch user-relevant data’ to ‘being used for training robots and AI based devices to respond/adhere appropriately to the different phrases of human commands’.With the accelerated revolution of internet, enterprises and organizations highly rely on Service oriented computing. Web services support inter-operation of distributed applications. Humongous amount of web services present on the internet the user is searching for. The paper focuses ondesigninga practical means of fast and relevant retrieval of web services.The phrase used for searching any given web service differs from one person to another. This work deals with the syntactic cum semantic mechanism proposed for retrieving web services based on the measure of similarity between the name of the web service and the search query entered by the user to discover that service. A list of the Web Service Description Language (WSDL) files is taken as the dataset. Protégé is the tool used for semantic annotation of WSDL files for converting them to Semantically Annotated Web Service Description Language (SAWSDL) files. ‘Wordnet’ is used as the lexical dictionary and Java language has been used to build the rest of the package for implementing the search discovery mechanism.Netbeans is used as IDE.Wamp server with PHPMyAdmin was used for managing the database of SAWSDL files. The degree of similarity is measured by evaluating performance of the engine using metrics such as ‘Precision’, ‘Recall’, ‘Accuracy’ and ‘F-measure’.While the syntactic approach is easier to implement, it suffers from keyword polysemy issues. The proposed search discovery mechanism is based on semantically annotating WSDL files and retrieving the files based on a novel syntactic cum semantic discovery algorithm which usesLeocockChordorow function for computing the similarity. The effectiveness of the proposed algorithm is tested experimentally by building a desktop application using Java.The WSDL files from various domains were semantically annotated by tagging related concepts using ontology. Themachine learning algorithm that best classifies the web services on the basis of their performance metrics is identified. The related services are retrieved by the application of the proposed LCH based Syntactic cum Semantic discovery algorithm (LCH based SSDA).A ranking system is proposed to rank the results by evaluating various QoS attributes. The results of the experiment showed that the proposed system yielded high precision and recall value.The solution has been fo","PeriodicalId":36718,"journal":{"name":"Journal of Internet Services and Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"46607716","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Cyber Threat Hunting Case Study using MISP","authors":"M. Ammi","doi":"10.58346/jisis.2023.i2.001","DOIUrl":"https://doi.org/10.58346/jisis.2023.i2.001","url":null,"abstract":"","PeriodicalId":36718,"journal":{"name":"Journal of Internet Services and Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48096049","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The Variant of Digital Signature Algorithm for Constant Message","authors":"Kritsanapong Somsuk, Sarutte Atsawaraungsuk, Chanwit Suwannapong, Suchart Khummanee, Chalida Sanemueang","doi":"10.58346/jisis.2023.i2.005","DOIUrl":"https://doi.org/10.58346/jisis.2023.i2.005","url":null,"abstract":"This study aims to present a modified technique for signing constant messages. In general, intruders may often steal the digital signature of a constant message with relative ease. Assuming there is a constant message that must always be signed by the signer, the digital signature must equally have a constant value. If it is communicated through an insecure channel to the recipient or verifier and is intercepted along the way by attackers, they can assume the identity of the signer and use this signature for authentication. In fact, the proposed method, Digital Signature Algorithm for Constant Message (DSACM) and DSACMV2, are the result of the combination between RSA and OTP. In addition, OTP is selected for signing and validating procedures in which the secret key must be regenerated for each process. Thus, the ciphertext is constantly changing, but the message remains fixed. Moreover, RSA is chosen to protect the transmission of the secret key across an insecure channel. The experimental findings indicate that DSACM and DSACMV2 are suitable for signing a message with a constant value because the signature is an undetermined value. Although it takes two encryption procedures and two decryption processes, the time required to generate the secret key and perform the exclusive or operation increases little. In addition, the proposed methods have the benefit that the constant message is not modified. In fact, it must be combined with an integer such as a timestamp and a random number for the other techniques for changing the ciphertext, and it cannot be signed a single time if its length exceeds the private key.","PeriodicalId":36718,"journal":{"name":"Journal of Internet Services and Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"47642732","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}