Usage of Artificial Intelligence to Improve Secure Software Development

Yıl 2021, Cilt: 6 Sayı: 1, 46 - 57, 20.02.2021

Ahmet Efe

https://doi.org/10.23834/isrjournal.824662

Cited By: 1

Öz

C# is an object-oriented software language that was developed by Microsoft and runs on the .NET framework. It has the ninth in Github, and it would cause a great impact in .NET. Main method for the situation is mainly using the machine learning techniques to analyze the source code and determine the security level of a source code. Our focus point is the source code files that written in C#. By evaluating the source code elements of software, the framework could proclaim that either a software product is secure or not, thus developer can make necessary arrangement in his or her code. It is important, because securing the code during the creation of the software is easy as compared with the end of the software creation. As part of a limited literature review study, we have analyzed 3 main articles in detail. An assessment of the review is conducted according to artificial neural network logic to help improve the Security of C# software development.

Anahtar Kelimeler

: .NET,, C#,, ASP,, Software Security,, Artificial Neural Network.

Kaynakça

• Aafer, Y. W. D. (2013). DroidAPIMiner: Mining API-Level Features for Robust Malware Detection in Android. International Conference on Security and Privacy in Communication Networks (SecureComm).
• Afonso,V. M. M. F. (2014). Identifying Android malware using dynamically obtained features. Journal of Computer Virology and Hacking Techniques.
• Agarwal, A. (2016). How to integrate security into your SDLC. http://searchsoftwarequality.techtarget.com/tip/0,289483,sid92_gci1174
• Albertini, A. (2014). Hide Android Applications in Images. Black Hat Europe.
• Amos, B. H. A. (2013). Applying Machine Learning Classifiers to Dynamic Android Malware Detection at Scale. International Conference on Wireless Communications and Mobile.
• Bornstein M. (2018) “The Coming Revolution In Software Development” ForbesMagazine, https://www.forbes.com/sites/valleyvoices/2018/08/24/software-developer-revolution/#3d422d051e4a
• Cheng, J. S. H. (2007). SmartSiren: Virus Detection and Alert for Smartphones. International Conference on Mobile Systems, Applications, and Services (MobiSys).
• Chia, P. H. Y. Y. (2012). Is This App Safe? A Large-Scale Study on Application Permissions and Risk Signals. International Conference on World Wide Web (WWW).
• Enck, W. M. O. (2009). On Lightweight Mobile Phone Application Certification. ACM Conference on Computer and Communications Security (CCS).
• Felt, A. P. (2012). Android permissions: User attention, comprehension, and behavior. Symposium on Usable Privacy and Security (SOUPS).
• Github. (2018, 1). Github language stats. https://madnight.github.io/githut/#/pull_requests/2018/1
• Grace, M. Y. Z. (2012). RiskRanker: Scalable and Accurate Zero-day Android Malware Detection. International Conference on Mobile Systems, Applications, and Services (MobiSys.
• Hung, W.-C. W.-H. (2014). DroidDolphin: A Dynamic Android Malware Detection Framework Using Big Data and Machine Learning. Conference on Research in Adaptive and Convergent Systems.
• IDC. (2018). Smartphone OS. https://www.idc.com/promo/smartphone-market-share/os
• Jarabek, C. D. B. (2012). ThinAV: Truly Lightweight Mobile Cloud-based Anti-malware. Annual Computer Security Applications Conference (ACSAC).
• Laskov, N. S. (2014). Practical Evasion of a Learning-Based Classifier: A Case Study. IEEE Symposium on Security and Privacy (S&P).
• Lindorfer, M. N. (2014). Andrubis - 1,000,000 Apps Later:A View on Current Android Malware Behaviors. International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS).
• Lockheimer, 1. (2012). Android and Security. http://googlemobile.blogspot.com/2012/02/android-and-security.html
• Meier, J. D. (2010, 10 24). Threat modelling web applications. http://msdn.microsoft.com/en-us/library/ms978516.aspx
• Microsoft. (2018, 5 11). What is .NET? https://www.microsoft.com/net/learn/what-is-dotnet
• Moser, A. C. K. (2007). Limits of Static Analysis for Malware Detection. Annual Computer Security Applications Conference (ACSAC).
• Oberheide, J. a. (2016, February, 14). https://jon.oberheide.org/blog/2012/06/21/dissecting-the-android-bouncer/
• Oberheide, J. K. V. (2008). Virtualized In-cloud Security Services for Mobile Devices. Workshop on Virtualization in Mobile Computing (MobiVirt).
• Portokalidis, G. P. H. (2010). Paranoid Android: Versatile Protection for Smartphones. Annual Computer Security Applications Conference (ACSAC).
• Redwine, S. T., & et al. (2004). Process to produce secure software: Towards more secure software. National Cyber Security Summit, Vol. 1.
• Reina, A. F. (2013). A system call centric analysis and stimulation technique to automatically reconstruct android malware behaviors. EuroSec.
• Rosen,S. Z. Q. (2013). AppProfiler: A Flexible Method of Exposing Privacy-Related Behavior in Android Applications to End Users. ACM Conference on Data and Application Security and Privacy (CODASPY).
• Sanz, B. I. S.-P. (2012). On the automatic categorization of android applications. Conference on Consumer Communications and Networking (CCNC).IEEE,in 9th IEEE, s. 149–153.
• Shabtai, U. K. (2012). Andromaly: A behavioral malware detection framework for android devices. Journal of Intelligent Information Systems, vol. 38, no. 1, s. 161–190.
• Strazzere, A. A. (2012). Reducing the Window of Opportunity for Android Malware: Gotta catch ’em all. (s. 61–71). Journal in Computer Virology, vol. 8, no. 1-2.
• Strazzere, T. (2009). Downloading market applications without the vending app. http://www.strazzere.com/blog/2009/09/downloading-market-applications-without-the-vending-app
• Weichselbaum, L. N. (2014). Andrubis: Android Malware Under the Magnifying Glass. Vienna University of Technology.
• Zhauniarovich, Y. M. A. (2015). StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications. ACM Conference on Data and Application Security and Privacy (CODASPY).
• Zhou, Y. a. (2012). Dissecting android malware: Characterization and evolution. (s. 95-109). Security and Privacy (SP), 2012 IEEE Symposium on IEEE.