4 results listed
Nowadays the computing trend is very large-scale and complex such as the Internet, banking system, online payment system, security, and surveillance system are generating a large amount of data every day. From these data, the percentage of imbalance data is quite high. These imbalanced data is misguiding a machine learning model and data mining technique. Learning from imbalanced data is a new complaint that has created increasing concentration from all over the world. This imbalanced data is creating a problem in learning problem with lots of unevenly distributed class. This paper concentrates on few realistic and appropriate data preprocessing techniques and produces an appropriate class evaluation process for the imbalanced data. An empirical distinction of few well-recognized soft computing methods such as Support Vector Machine (SVM), Decision Tree Classifier (DTC), K-Nearest Neighbor (KNN) and Gaussian Naïve Bayes (GNB) are used to find Accuracy, Precision, Recall and FMeasure from an imbalanced dataset. The imbalanced data were trained after a well-known over-sampling technique named Synthetic Minority Over-sampling Technique (SMOTE), under-sampling using Cluster Centroids (CC) technique and then applied a hybrid technique named SMOTEENN which is the combination of SMOTE and Edited Nearest Neighbor (ENN). Accuracy, Precision, Recall, FMeasure and Confusion matrix are used to evaluate the performance. In this task exhibit an experimental distinction of few well-recognized classification algorithms and performance measure that is authentic for the imbalanced dataset, this results we achieved. The result shows that hybrid method redacts better than Oversampling and under-sampling techniques.
International Conference on Cyber Security and Computer Science
ICONCS
Md. Anwar Hossen
Fatema Siddika
Tonmoy Kumar Chanda
T. Bhuiyan
The popularity of web applications is growing faster due to fulfil the requirements of the business and satisfy the needs of consumers. Web applications are now being capable in providing business services to its stakeholders in the most effective and efficient manner. In this modern time, several number of services are providing through web applications and performance of those are measured through the services processing time and the informative functionalities. However, those services, at the same time, can be faced by a threat due to improper validation. Currently, cyber-attacks become a critical risk for every digital transformation throughout the world. Careless coding practice during the development and lack of knowledge about security are the root cause of different types of application layer vulnerability remains in the web system. Remote Code Execution (RCE) is one of the serious vulnerability at this era. According to Web Application Security project (CWE/SANS), RCE has been listed as 2nd ranked critical web application Vulnerability since 2016. Insignificant research works on RCE have been found during the literature review. This paper presents a complete case study on RCE vulnerability.
International Conference on Cyber Security and Computer Science
ICONCS
S. Biswas
M. M. H. K. Sajal
T. Afrin
T. Bhuiyan
M. M. Hassan
Broken Access Control (BAC), ranked as 5th crucial
vulnerability in Open Web Application Security Project
(OWASP), appear to be critical in web applications because of its
adverse consequence i.e. privilege escalation that may lead to
huge financial loss and reputation damage of the company. The
intruder of a web system can get an unauthorized access or
upgraded access level by exploiting through the BAC
vulnerability due to inadequate validation of user credential,
misconfiguration of sensitive data disclosure, inappropriate use of
functions in the code, unmanaged exception handling,
uncontrolled redirection of webpage, etc. This paper presents the
awareness regarding the risk for the existence of BAC
vulnerability in the web application to its designer, developer,
administrator, and web owner considering the facts and findings
of the document before hosting the application on live. The
experiment was conducted on 330 web applications using manual
penetration testing method following double blind testing strategy
where 39.09% of the sites were found vulnerable with the same.
Access on redirection settings, misconfiguration of sensitive data
retrieval, and unauthorized cookie access exploitation techniques
performed on the sample sites among five sectors analyzed based
on the reason of BAC, platform, domain, and operating system.
Binary logistic regression, Pearson’s χ2- value, odd ratios and pvalue
tests were performed for analyzing correlations among
factors of BAC. This examination also revealed that ignoring
session misconfiguration and improper input validation problems
are the critical factors for creating BAC vulnerability in
application.
International Conference on Cyber Security and Computer Science
ICONCS
M. M. Hassan
M. A. Ali
T. Bhuiyan
M. H. Sharif
S. Biswas
Stock market is a marketplace that facilitates buying and selling of company stocks. Finding a right time to buy/sell stock considering market movement is a tricky task to decide. Therefore, predicting the trend of stock buying/selling price is of great interest to stock traders and investors to find the right time to buy/sell stocks. This paper, aims to develop an intelligent system using Trend Estimation with Linear Regression (TELR) for predicting and visualizing the predictions. This system can guide a trader/investor however, with or without expertise in the stock market to achieve profitable investments. We have used the Stock data from Stock Exchange Bangladesh which covers 300+ companies including 29 Banks to train and test our system. We have fitted the trend with maximum likelihood estimation method to train our system with the stock data until December 2017 and then test it with the stock value of January 2018. A comparative result of the trend value derived from the intelligent system with real stock value has been presented to show the effectiveness of the Intelligent Decision System.
International Conference on Cyber Security and Computer Science
ICONCS
Md. Iftekharul Alam Efat
Rakibul Bashar
K. M. Imtiaz Uddin
T. Bhuiyan