1 |
Improving Vulnerability Description Using Natural Language GenerationAlthebeiti, Hattan 01 January 2023 (has links) (PDF)
Software plays an integral role in powering numerous everyday computing gadgets. As our reliance on software continues to grow, so does the prevalence of software vulnerabilities, with significant implications for organizations and users. As such, documenting vulnerabilities and tracking their development becomes crucial. Vulnerability databases addressed this issue by storing a record with various attributes for each discovered vulnerability. However, their contents suffer several drawbacks, which we address in our work. In this dissertation, we investigate the weaknesses associated with vulnerability descriptions in public repositories and alleviate such weaknesses through Natural Language Processing (NLP) approaches. The first contribution examines vulnerability descriptions in those databases and approaches to improve them. We propose a new automated method leveraging external sources to enrich the scope and context of a vulnerability description. Moreover, we exploit fine-tuned pretrained language models for normalizing the resulting description. The second contribution investigates the need for uniform and normalized structure in vulnerability descriptions. We address this need by breaking the description of a vulnerability into multiple constituents and developing a multi-task model to create a new uniform and normalized summary that maintains the necessary attributes of the vulnerability using the extracted features while ensuring a consistent vulnerability description. Our method proved effective in generating new summaries with the same structure across a collection of various vulnerability descriptions and types. Our final contribution investigates the feasibility of assigning the Common Weakness Enumeration (CWE) attribute to a vulnerability based on its description. CWE offers a comprehensive framework that categorizes similar exposures into classes, representing the types of exploitation associated with such vulnerabilities. Our approach utilizing pre-trained language models is shown to outperform Large Language Model (LLM) for this task. Overall, this dissertation provides various technical approaches exploiting advances in NLP to improve publicly available vulnerability databases.
|
2 |
Quantifying Computer Network SecurityBurchett, Ian 01 December 2011 (has links)
Simplifying network security data to the point that it is readily accessible and usable by a wider audience is increasingly becoming important, as networks become larger and security conditions and threats become more dynamic and complex, requiring a broader and more varied security staff makeup. With the need for a simple metric to quantify the security level on a network, this thesis proposes: simplify a network’s security risk level into a simple metric. Methods for this simplification of an entire network’s security level are conducted on several characteristic networks. Identification of computer network port vulnerabilities from NIST’s Network Vulnerability Database (NVD) are conducted, and via utilization of NVD’s Common Vulnerability Scoring System values, composite scores are created for each computer on the network, and then collectively a composite score is computed for the entire network, which accurately represents the health of the entire network. Special concerns about small numbers of highly vulnerable computers or especially critical members of the network are confronted.
|
3 |
A Method for Recommending Computer-Security Training for Software DevelopersNadeem, Muhammad 12 August 2016 (has links)
Vulnerable code may cause security breaches in software systems resulting in financial and reputation losses for the organizations in addition to loss of their customers’ confidential data. Delivering proper software security training to software developers is key to prevent such breaches. Conventional training methods do not take the code written by the developers over time into account, which makes these training sessions less effective. We propose a method for recommending computer–security training to help identify focused and narrow areas in which developers need training. The proposed method leverages the power of static analysis techniques, by using the flagged vulnerabilities in the source code as basis, to suggest the most appropriate training topics to different software developers. Moreover, it utilizes public vulnerability repositories as its knowledgebase to suggest community accepted solutions to different security problems. Such mitigation strategies are platform independent, giving further strength to the utility of the system. This research discussed the proposed architecture of the recommender system, case studies to validate the system architecture, tailored algorithms to improve the performance of the system, and human subject evaluation conducted to determine the usefulness of the system. Our evaluation suggests that the proposed system successfully retrieves relevant training articles from the public vulnerability repository. The human subjects found these articles to be suitable for training. The human subjects also found the proposed recommender system as effective as a commercial tool.
|
4 |
Evaluation of night vision devices for image fusion studiesCheng, Wee Kiang 12 1900 (has links)
Approved for public release; distribution in unlimited. / Night Vision Devices (NVD) using Image Intensification (II) technology are among the most important sensors used by ground troops and aviators in night operations for modern combat. With the intensified images from these devices, soldiers can see an enemy's movement better and further in darkness. This thesis explores different test methods in evaluating the performances and sensitivities of several NVDs for future image fusion studies. Specification data such as sensitivity, resolution (Modulation Transfer Function) and pixel size are obtained. Comparative analyses of the collected results are made to characterize the performances of the different NVDs. A new method using MATLAB programming to objectively analyze digitized images for characterization of II based NVDs is proposed. This test method can also be extended to the evaluation of Thermal Imaging (TI) systems for comparative analysis with II NVDs. In addition, the feasibility of testing NVDs using both II and TI technologies, with common operating conditions and target boards is discussed. Finally, the potential of using these digitized images for image fusion studies is verified with the test and evaluation results. / Republic of Singapore
|
5 |
Real Time Vehicle Detection for Intelligent Transportation SystemsShurdhaj, Elda, Christián, Ulehla January 2023 (has links)
This thesis aims to analyze how object detectors perform under winter weather conditions, specifically in areas with varying degrees of snow cover. The investigation will evaluate the effectiveness of commonly used object detection methods in identifying vehicles in snowy environments, including YOLO v8, Yolo v5, and Faster R-CNN. Additionally, the study explores the method of labeling vehicle objects within a set of image frames for the purpose of high-quality annotations in terms of correctness, details, and consistency. Training data is the cornerstone upon which the development of machine learning is built. Inaccurate or inconsistent annotations can mislead the model, causing it to learn incorrect patterns and features. Data augmentation techniques like rotation, scaling, or color alteration have been applied to enhance some robustness to recognize objects under different alterations. The study aims to contribute to the field of deep learning by providing valuable insights into the challenges of detecting vehicles in snowy conditions and offering suggestions for improving the accuracy and reliability of object detection systems. Furthermore, the investigation will examine edge devices' real-time tracking and detection capabilities when applied to aerial images under these weather conditions. What drives this research is the need to delve deeper into the research gap concerning vehicle detection using drones, especially in adverse weather conditions. It highlights the scarcity of substantial datasets before Mokayed et al. published the Nordic Vehicle Dataset. Using unmanned aerial vehicles(UAVs) or drones to capture real images in different settings and under various snow cover conditions in the Nordic region contributes to expanding the existing dataset, which has previously been restricted to non-snowy weather conditions. In recent years, the leverage of drones to capture real-time data to optimize intelligent transport systems has seen a surge. The potential of drones in providing an aerial perspective efficiently collecting data over large areas to precisely and timely monitor vehicular movement is an area that is imperative to address. To a greater extent, snowy weather conditions can create an environment of limited visibility, significantly complicating data interpretation and object detection. The emphasis is set on edge devices' real-time tracking and detection capabilities, which in this study introduces the integration of edge computing in drone technologies to explore the speed and efficiency of data processing in such systems.
|
6 |
Coding For Multi-Antenna Wireless Systems And Wireless Relay NetworksKiran, T 11 1900 (has links)
Communication over a wireless channel is a challenging task because of the inherent fading effects. Any wireless communication system employs some form of diversity improving techniques in order to improve the reliability of the channel. This thesis deals with efficient code design for two different spatial diversity techniques, viz, diversity by employing multiple antennas at the transmitter and/or the receiver, and diversity through cooperative commu-
nication between users. In other words, this thesis deals with efficient code design for (1) multiple-input multiple-output (MIMO) channels, and (2) wireless relay channels. Codes for the MIMO channel are termed space-time (ST) codes and those for the relay channels are called distributed ST codes.
The first part of the thesis focuses on ST code construction for MIMO fading channel with perfect channel state information (CSI) at the receiver, and no CSI at the transmitter. As a measure of performance we use the rate-diversity tradeoff and the Diversity-Multiplexing Gain (D-MG) Tradeoff,
which are two different tradeoffs characterizing the tradeoff between the rate
and the reliability achievable by any ST code. We provide two types of code
constructions that are optimal with respect to the rate-diversity tradeoff; one is based on the rank-distance codes which are traditionally applied as codes for storage devices, and the second construction is based on a matrix representation of a cayley algebra. The second contribution in ST code constructions is related to codes with
a certain nonvanishing determinant (NVD) property. Motivation for these constructions is a recent result on the necessary and sufficient conditions for an ST code to achieve the D-MG tradeoff. Explicit code constructions satisfying these conditions are provided for certain number of transmit antennas.
The second part of the thesis focuses on distributed ST code construction for wireless relay channel. The transmission protocol follows a two-hop model wherein the source broadcasts a vector in the first hop and in the second hop the relays transmit a vector that is a transformation of the received vector by a relay-specific unitary transformation. While the source and relays do not have CSI, at the destination we assume two different scenarios (a) destina-
tion with complete CSI (b) destination with only the relay-destination CSI. For both these scenarios, we derive a Chernoff bound on the pair-wise error probability and propose code design criteria. For the first case, we provide explicit construction of distributed ST codes with lower decoding complexity compared to codes based on some earlier system models. For the latter case,
we propose a novel differential encoding and differential decoding technique and also provide explicit code constructions.
At the heart of all these constructions is the cyclic division algebra (CDA) and its matrix representations. We translate the problem of code construction in each of the above scenarios to the problem of constructing CDAs satisfying certain properties. Explicit examples are provided to illustrate each of these constructions.
|
Page generated in 0.0249 seconds