Search Results (4)

With the Internet’s meteoric rise in popularity and usage over the years, there has been a significant increase in the number of web applications. Nearly all organisations use them for various purposes, such as e-commerce, e-banking, e-learning, and social networking. More importantly, web applications have become increasingly vulnerable to malicious attack. To find web vulnerabilities before an attacker, security experts use black-box web application vulnerability scanners to check for security vulnerabilities in web applications. Most studies have evaluated these black-box scanners against various vulnerable web applications. However, most tested applications are traditional (non-dynamic) and do not reflect current web. This study evaluates the detection accuracy of five black-box web application vulnerability scanners against one of the most modern and sophisticated insecure web applications, representing a real-life e-commerce. The tested vulnerabilities are injection vulnerabilities, in particular, structured query language (SQLi) injection, not only SQL (NoSQL), and server-side template injection (SSTI). We also tested the black-box scanners in four modes to identify their limitations. The findings show that the black-box scanners overlook most vulnerabilities in almost all modes and some scanners missed all the vulnerabilities. Full article

The vulnerability of deep neural network (DNN)-based systems makes them susceptible to adversarial perturbation and may cause classification task failure. In this work, we propose an adversarial attack model using the Artificial Bee Colony (ABC) algorithm to generate adversarial samples without the need for a further gradient evaluation and training of the substitute model, which can further improve the chance of task failure caused by adversarial perturbation. In untargeted attacks, the proposed method obtained 100%, 98.6%, and 90.00% success rates on the MNIST, CIFAR-10 and ImageNet datasets, respectively. The experimental results show that the proposed ABCAttack can not only obtain a high attack success rate with fewer queries in the black-box setting, but also break some existing defenses to a large extent, and is not limited by model structure or size, which provides further research directions for deep learning evasion attacks and defenses. Full article

Background: Ambiguities and anomalies in the Activity of Daily Living (ADL) patterns indicate deviations from Wellness. The monitoring of lifestyles could facilitate remote physicians or caregivers to give insight into symptoms of the disease and provide health improvement advice to residents; Objective: This research work aims to apply lifestyle monitoring in an ambient assisted living (AAL) system by diagnosing conduct and distinguishing variation from the norm with the slightest conceivable fake alert. In pursuing this aim, the main objective is to fill the knowledge gap of two contextual observations (i.e., day and time) in the frequent behavior modeling for an individual in AAL. Each sensing category has its advantages and restrictions. Only a single type of sensing unit may not manage composite states in practice and lose the activity of daily living. To boost the efficiency of the system, we offer an exceptional sensor data fusion technique through different sensing modalities; Methods: As behaviors may also change according to other contextual observations, including seasonal, weather (or temperature), and social interaction, we propose the design of a novel activity learning model by adding behavioral observations, which we name as the Wellness indices analysis model; Results: The ground-truth data are collected from four elderly houses, including daily activities, with a sample size of three hundred days plus sensor activation. The investigation results validate the success of our method. The new feature set from sensor data fusion enhances the system accuracy to (98.17% ± 0.95) from (80.81% ± 0.68). The performance evaluation parameters of the proposed model for ADL recognition are recorded for the 14 selected activities. These parameters are Sensitivity (0.9852), Specificity (0.9988), Accuracy (0.9974), F1 score (0.9851), False Negative Rate (0.0130). Full article

The proposed research methodology aims to design a generally implementable framework for providing a house owner/member with the immediate notification of an ongoing theft (unauthorized access to their premises). For this purpose, a rigorous analysis of existing systems was undertaken to identify research gaps. The problems found with existing systems were that they can only identify the intruder after the theft, or cannot distinguish between human and non-human objects. Wireless Sensors Networks (WSNs) combined with the use of Internet of Things (IoT) and Cognitive Internet of Things are expanding smart home concepts and solutions, and their applications. The present research proposes a novel smart home anti-theft system that can detect an intruder, even if they have partially/fully hidden their face using clothing, leather, fiber, or plastic materials. The proposed system can also detect an intruder in the dark using a CCTV camera without night vision capability. The fundamental idea was to design a cost-effective and efficient system for an individual to be able to detect any kind of theft in real-time and provide instant notification of the theft to the house owner. The system also promises to implement home security with large video data handling in real-time. The investigation results validate the success of the proposed system. The system accuracy has been enhanced to 97.01%, 84.13, 78.19%, and 66.5%, in scenarios where a detected intruder had not hidden his/her face, hidden his/her face partially, fully, and was detected in the dark from 85%, 64.13%, 56.70%, and 44.01%. Full article