Time filter

Source Type

Science, Canada

Nassif A.B.,University of Western Ontario | Capretz L.F.,University of Western Ontario | Ho D.,NFA Estimation Inc. | Azzeh M.,Applied Science University
Proceedings - 2012 11th International Conference on Machine Learning and Applications, ICMLA 2012 | Year: 2012

Software effort prediction is an important task in the software development life cycle. Many models including regression models, machine learning models, algorithmic models, expert judgment and estimation by analogy have been widely used to estimate software effort and cost. In this work, a Tree boost (Stochastic Gradient Boosting) model is put forward to predict software effort based on the Use Case Point method. The inputs of the model include software size in use case points, productivity and complexity. A multiple linear regression model was created and the Tree boost model was evaluated against the multiple linear regression model, as well as the use case point model by using four performance criteria: MMRE, PRED, MdMRE and MSE. Experiments show that the Tree boost model can be used with promising results to estimate software effort. © 2012 IEEE.

Al-Hamami A.H.,Amman Arab University | Al-Saadoon G.M.W.,Applied Science University
Studies in Computational Intelligence | Year: 2014

Intrusion Prevention Systems (IPS) as a security solution have their own characteristics in analysing, detecting and preventing intruders' acts. It provides a quite good service in securing the network, which goes further than the functionality of Intrusion Detection Systems (IDS), firewalls, antivirus and any security applications. This is by actively responding to attacks and affording great flexibility when dealing with security threats. Host based IPS mostly depend on a static signature mechanism to identify intruders, which in turn needs to be updated from time to time to insure the most accurate detection. The use of improved Network Intrusion Prevention System (NIPS) based on two mechanisms is to detect patterns of known intrusions (misuse detection) and to distinguish anomalous network activity of intrusion from normal network traffic (anomaly detection) effectively. The Data Mining methods have been used in this chapter to enhance NIPS based on anomaly detection. In this chapter we try to enhance intruders' detection, by replacing the static database with a dynamic one, and even more adding intelligence to the detecting mechanism through Data Mining. A feedback to the whole process is being made to help in making future inspections to be more realistic. The use of Data Mining methods will result in the development of a Network Intrusion Prevention System (NIPS) as an internal security gateway for defending against attacks and threats from within and outside the computer network system. In addition, it will help to detect anomalous activity comprising suspicious probing inside the network before it launches any network attacks with damaging effects. The study aims to enhance the Snort tool, which consists of a NIPS based on both misuse- and anomaly-detection mechanisms, by using two sub-phases of Data Mining approaches: an improved K-mean clustering algorithm and a PF-growth algorithm. The integration of these two sub-phases helps to discover new rules, especially those related to internal network scans; in addition, the unsupervised learning process in the K-mean algorithm is used to discover new clusters which may represent a new type of attack depending on the decisions of analysts. The Host based IPS will contribute to achieving enhancement in the following: evolving the techniques of investigating activities due to the use of Data Mining, integrate or could eliminate antivirus programs installed on Personal Computer (PC), and Maximize the level of security of the whole network through securing single host. Integrating of two of Data Mining approaches (K-mean clustering and PF-Growth algorithm) helps to discover new rules especially those related to internal network scans, besides unsupervised learning process in K-mean algorithm is used to discover new cluster may represent a new type of attack depending on decisions of analysts. All that work, helps to enhance and develop NIPS tool, by involving Data Mining approaches in investigating anomalies. Besides achieve objective to be a complete system performs requirements such as detect probe attack inside source of network and prevent it before launch network attack to the target machine with high performance, reduce false alarm, easy building system with low cost, and compatibility with any operating system. Furthermore, maximize the effectiveness in identifying attacks, thereby helping the users to construct more secure information systems. © 2014 Springer International Publishing Switzerland.

Samawi V.,Al al-Bayt University | Sulaiman A.,Applied Science University
International Arab Journal of Information Technology | Year: 2013

Application service provider (ASP) is a business that makes computer-based services (small and medium sized businesses) available to clients over a network. The usual ASP sells a large application to large enterprises, but also provides a pay-as-you-go model for smaller clients. One of the main problems with ASP is the insufficient security to resist attacks and guarantee pay-as-you-go. Function hiding can be used to achieve protection for algorithms and assure charging clients on per-usage basis. Encryption functions that can be executed without prior decryption (function hiding protocol) gives good solution to the problems of software protection. Function hiding protocol faces a problem if the same encryption scheme is used for encrypting some data about the function and also the output of the encrypted function. In such case, an attacker could reveal the encrypted data easily thereby comprising its confidentiality. This paper aims to develop a software protection system based on function hiding protocol with software obfuscation that overcomes function hiding protocol problems. The suggested system is a multi-client system that allows charging clients on a per-usage basis (pay-as-you-go) and satisfies both confidentiality and integrity for the ASP and the client.

Al-Hamami A.H.,Amman Arab University | Al-Saadoon G.M.W.,Applied Science University
Proceedings of 2013 Science and Information Conference, SAI 2013 | Year: 2013

Intrusion Prevention Systems (IPS) can analyse, detect and prevent intruder attacks. IPS provide a good service in securing the network, which goes further than the functionality of Intrusion Detection Systems (IDS), firewalls, antiviruses and any security applications, by actively responding to attacks and affording great flexibility when dealing with security threats. © 2013 The Science and Information Organization.

Bowen J.P.,City University London | Hinchey M.,University of Limerick | Janicke H.,De Montfort University | Ward M.,De Montfort University | Zedan H.,Applied Science University
Computer | Year: 2014

Combining formal and agile techniques in software development has the potential to minimize change-related problems. © 2014 IEEE.

Discover hidden collaborations