Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
JCP
Special Issues
Secure Software Engineering
share announcement

Secure Software Engineering

A special issue of Journal of Cybersecurity and Privacy (ISSN 2624-800X). This special issue belongs to the section "Security Engineering & Applications".

Deadline for manuscript submissions: closed (31 October 2023) | Viewed by 26912

Special Issue Editor

Prof. Dr. Hossein Saiedian

E-Mail Website
Guest Editor
Electrical Engineering and Computer Science, University of Kansas, Lawrence, KS 66045, USA
Interests: software engineering; information security; software architecture; computing education

Special Issue Information

Dear Colleagues,

Software systems have become intrinsic and integral to our lives and are widely deployed in various devices and machinery we use every day. We rely on these devices and machinery and expect their software components to function correctly, even when under cybersecurity attack. If the software components are unable to defend against security attacks, our privacy, confidential information, data accesses, etc. may be stolen or severely compromised.

Research shows that most security vulnerabilities and defects are due to software. The vulnerabilities are introduced into the software system during its development, and cyber attackers target these vulnerabilities to advance their goals. Secure software engineering is about identifying, preventing, or minimizing these vulnerabilities. Just like other systematic efforts in building quality into a software product during its entire development lifecycle, security engineering should also be built into a software development lifecycle, starting with the requirement analysis, architecture design, detailed design, programming, and testing.

This Special Issue of JCP focuses on secure software engineering. We invite software and security engineers to submit ongoing research. The objective of the Special Issue is to foster and publicize discussion of rigorous, systematic, and formal approaches to the development of secure software systems. New and original research as well as review articles that discuss theoretical and practical techniques and experiences in developing secure and dependable software systems will be considered. Interdisciplinary contributions are welcome, as we recognize that secure software development spans different areas including web security, management, risk analysis, and economics.

Prof. Dr. Hossein Saiedian
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Journal of Cybersecurity and Privacy is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1000 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • processes for building secure software
  • security requirement engineering
  • relationships between security and other non-functional requirements
  • building security in software
  • software architecture security
  • mMetrics and measurement of security properties
  • security implication of a programming language choice
  • security testing and validation
  • security practices on DevOps platforms
  • tools and techniques for software protection
  • formal techniques for modeling secure software
  • static analysis techniques to identify security vulnerabilities

Published Papers (6 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

Jump to: Review

21 pages, 535 KiB  
Article
Security Attack Behavioural Pattern Analysis for Critical Service Providers
by Elias Seid, Oliver Popov and Fredrik Blix
J. Cybersecur. Priv. 2024, 4(1), 55-75; https://doi.org/10.3390/jcp4010004 - 10 Jan 2024
Viewed by 1112
Abstract
Identifying potential system attacks that define security requirements is crucial to building secure cyber systems. Moreover, the attack frequency makes their subsequent analysis challenging and arduous in cyber–physical systems (CPS). Since CPS include people, organisations, software, and infrastructure, a thorough security attack analysis [...] Read more.
Identifying potential system attacks that define security requirements is crucial to building secure cyber systems. Moreover, the attack frequency makes their subsequent analysis challenging and arduous in cyber–physical systems (CPS). Since CPS include people, organisations, software, and infrastructure, a thorough security attack analysis must consider both strategic (social and organisational) aspects and technical (software and physical infrastructure) aspects. Studying cyberattacks and their potential impact on internal and external assets in cyberspace is essential for maintaining cyber security. The importance is reflected in the work of the Swedish Civil Contingencies Agency (MSB), which receives IT incident reports from essential service providers mandated by the NIS directive of the European Union and Swedish government agencies. To tackle this problem, a multi-realm security attack event monitoring framework was proposed to monitor, model, and analyse security events in social(business process), cyber, and physical infrastructure components of cyber–physical systems. This paper scrutinises security attack patterns and the corresponding security solutions for Swedish government agencies and organisations within the EU’s NIS directive. A pattern analysis was conducted on 254 security incident reports submitted by critical service providers. A total of five critical security attacks, seven vulnerabilities (commonly known as threats), ten attack patterns, and ten parallel attack patterns were identified. Moreover, we employed standard mitigation techniques obtained from recognised repositories of cyberattack knowledge, namely, CAPEC and Mitre, in order to conduct an analysis of the behavioural patterns Full article
(This article belongs to the Special Issue Secure Software Engineering)
Show Figures

Figure 1

22 pages, 690 KiB  
Article
How Close Is Existing C/C++ Code to a Safe Subset?
by Christian DeLozier
J. Cybersecur. Priv. 2024, 4(1), 1-22; https://doi.org/10.3390/jcp4010001 - 28 Dec 2023
Viewed by 914
Abstract
Using a safe subset of C++ is a promising direction for increasing the safety of the programming language while maintaining its performance and productivity. In this paper, we examine how close existing C/C++ code is to conforming to a safe subset of C++. [...] Read more.
Using a safe subset of C++ is a promising direction for increasing the safety of the programming language while maintaining its performance and productivity. In this paper, we examine how close existing C/C++ code is to conforming to a safe subset of C++. We examine the rules presented in existing safe C/C++ standards and safe C/C++ subsets. We analyze the code characteristics of 5.8 million code samples from the Exebench benchmark suite, two C/C++ benchmark suites, and five modern C++ applications using a static analysis tool. We find that raw pointers, unsafe casts, and unsafe library functions are used in both C/C++ code at large and in modern C++ applications. In general, C/C++ code at large does not differ much from modern C++ code, and continued work will be required to transition from existing C/C++ code to a safe subset of C++. Full article
(This article belongs to the Special Issue Secure Software Engineering)
Show Figures

Figure 1

23 pages, 5709 KiB  
Article
An Investigation to Detect Banking Malware Network Communication Traffic Using Machine Learning Techniques
by Mohamed Ali Kazi, Steve Woodhead and Diane Gan
J. Cybersecur. Priv. 2023, 3(1), 1-23; https://doi.org/10.3390/jcp3010001 - 27 Dec 2022
Cited by 2 | Viewed by 3415
Abstract
Banking malware are malicious programs that attempt to steal confidential information, such as banking authentication credentials, from users. Zeus is one of the most widespread banking malware variants ever discovered. Since the Zeus source code was leaked, many other variants of Zeus have [...] Read more.
Banking malware are malicious programs that attempt to steal confidential information, such as banking authentication credentials, from users. Zeus is one of the most widespread banking malware variants ever discovered. Since the Zeus source code was leaked, many other variants of Zeus have emerged, and tools such as anti-malware programs exist that can detect Zeus; however, these have limitations. Anti-malware programs need to be regularly updated to recognise Zeus, and the signatures or patterns can only be made available when the malware has been seen. This limits the capability of these anti-malware products because they are unable to detect unseen malware variants, and furthermore, malicious users are developing malware that seeks to evade signature-based anti-malware programs. In this paper, a methodology is proposed for detecting Zeus malware network traffic flows by using machine learning (ML) binary classification algorithms. This research explores and compares several ML algorithms to determine the algorithm best suited for this problem and then uses these algorithms to conduct further experiments to determine the minimum number of features that could be used for detecting the Zeus malware. This research also explores the suitability of these features when used to detect both older and newer versions of Zeus as well as when used to detect additional variants of the Zeus malware. This will help researchers understand which network flow features could be used for detecting Zeus and whether these features will work across multiple versions and variants of the Zeus malware. Full article
(This article belongs to the Special Issue Secure Software Engineering)
Show Figures

Figure 1

18 pages, 658 KiB  
Article
Defending against OS-Level Malware in Mobile Devices via Real-Time Malware Detection and Storage Restoration
by Niusen Chen and Bo Chen
J. Cybersecur. Priv. 2022, 2(2), 311-328; https://doi.org/10.3390/jcp2020017 - 26 May 2022
Cited by 2 | Viewed by 4202
Abstract
Combating the OS-level malware is a very challenging problem as this type of malware can compromise the operating system, obtaining the kernel privilege and subverting almost all the existing anti-malware tools. This work aims to address this problem in the context of mobile [...] Read more.
Combating the OS-level malware is a very challenging problem as this type of malware can compromise the operating system, obtaining the kernel privilege and subverting almost all the existing anti-malware tools. This work aims to address this problem in the context of mobile devices. As real-world malware is very heterogeneous, we narrow down the scope of our work by especially focusing on a special type of OS-level malware that always corrupts user data. We have designed mobiDOM, the first framework that can combat the OS-level data corruption malware for mobile computing devices. Our mobiDOM contains two components, a malware detector and a data repairer. The malware detector can securely and timely detect the presence of OS-level malware by fully utilizing the existing hardware features of a mobile device, namely, flash memory and Arm TrustZone. Specifically, we integrate the malware detection into the flash translation layer (FTL), a firmware layer embedded into the flash storage hardware, which is inaccessible to the OS; in addition, we run a trusted application in the Arm TrustZone secure world, which acts as a user-level manager of the malware detector. The FTL-based malware detection and the TrustZone-based manager can communicate with each other stealthily via steganography. The data repairer can allow restoring the external storage to a healthy historical state by taking advantage of the out-of-place-update feature of flash memory and our malware-aware garbage collection in the FTL. Security analysis and experimental evaluation on a real-world testbed confirm the effectiveness of mobiDOM. Full article
(This article belongs to the Special Issue Secure Software Engineering)
Show Figures

Figure 1

16 pages, 555 KiB  
Article
Towards Agile Cybersecurity Risk Management for Autonomous Software Engineering Teams
by Hannes Salin and Martin Lundgren
J. Cybersecur. Priv. 2022, 2(2), 276-291; https://doi.org/10.3390/jcp2020015 - 13 Apr 2022
Cited by 3 | Viewed by 6610
Abstract
In this study, a framework was developed, based on a literature review, to help managers incorporate cybersecurity risk management in agile development projects. The literature review used predefined codes that were developed by extending previously defined challenges in the literature—for developing secure software [...] Read more.
In this study, a framework was developed, based on a literature review, to help managers incorporate cybersecurity risk management in agile development projects. The literature review used predefined codes that were developed by extending previously defined challenges in the literature—for developing secure software in agile projects—to include aspects of agile cybersecurity risk management. Five steps were identified based on the insights gained from how the reviewed literature has addressed each of the challenges: (1) risk collection; (2) risk refinement; (3) risk mitigation; (4) knowledge transfer; and (5) escalation. To assess the appropriateness of the identified steps, and to determine their inclusion or exclusion in the framework, a survey was submitted to 145 software developers using a four-point Likert scale to measure the attitudes towards each step. The resulting framework presented herein serves as a starting point to help managers and developers structure their agile projects in terms of cybersecurity risk management, supporting less overloaded agile processes, stakeholder insights on relevant risks, and increased security assurance. Full article
(This article belongs to the Special Issue Secure Software Engineering)
Show Figures

Figure 1

Review

Jump to: Research

30 pages, 4151 KiB  
Review
A Survey of the Recent Trends in Deep Learning Based Malware Detection
by Umm-e-Hani Tayyab, Faiza Babar Khan, Muhammad Hanif Durad, Asifullah Khan and Yeon Soo Lee
J. Cybersecur. Priv. 2022, 2(4), 800-829; https://doi.org/10.3390/jcp2040041 - 28 Sep 2022
Cited by 31 | Viewed by 9313
Abstract
Monitoring Indicators of Compromise (IOC) leads to malware detection for identifying malicious activity. Malicious activities potentially lead to a system breach or data compromise. Various tools and anti-malware products exist for the detection of malware and cyberattacks utilizing IOCs, but all have several [...] Read more.
Monitoring Indicators of Compromise (IOC) leads to malware detection for identifying malicious activity. Malicious activities potentially lead to a system breach or data compromise. Various tools and anti-malware products exist for the detection of malware and cyberattacks utilizing IOCs, but all have several shortcomings. For instance, anti-malware systems make use of malware signatures, requiring a database containing such signatures to be constantly updated. Additionally, this technique does not work for zero-day attacks or variants of existing malware. In the quest to fight zero-day attacks, the research paradigm shifted from primitive methods to classical machine learning-based methods. Primitive methods are limited in catering to anti-analysis techniques against zero-day attacks. Hence, the direction of research moved towards methods utilizing classic machine learning, however, machine learning methods also come with certain limitations. They may include but not limited to the latency/lag introduced by feature-engineering phase on the entire training dataset as opposed to the real-time analysis requirement. Likewise, additional layers of data engineering to cater to the increasing volume of data introduces further delays. It led to the use of deep learning-based methods for malware detection. With the speedy occurrence of zero-day malware, researchers chose to experiment with few shot learning so that reliable solutions can be produced for malware detection with even a small amount of data at hand for training. In this paper, we surveyed several possible strategies to support the real-time detection of malware and propose a hierarchical model to discover security events or threats in real-time. A key focus in this survey is on the use of Deep Learning-based methods. Deep Learning based methods dominate this research area by providing automatic feature engineering, the capability of dealing with large datasets, enabling the mining of features from limited data samples, and supporting one-shot learning. We compare Deep Learning-based approaches with conventional machine learning based approaches and primitive (statistical analysis based) methods commonly reported in the literature. Full article
(This article belongs to the Special Issue Secure Software Engineering)
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-6
Back to TopTop