Evaluating the Impact of Software Security Tactics: A Design Perspective

Design architecture is the edifice that strengthens the functionalities as well as the security of web applications. In order to facilitate architectural security from the web application’s design phase itself, practitioners are now adopting the novel mechanism of security tactics. With the intent to conduct a research from the perspective of security tactics, the present study employs a hybrid multi-criteria decision-making approach named fuzzy analytic hierarchy process-technique for order preference by similarity ideal solution (AHP-TOPSIS) method for selecting and assessing multi-criteria decisions. The adopted methodology is a blend of fuzzy analytic hierarchy process (fuzzy AHP) and fuzzy technique for order preference by similarity ideal solution (fuzzy TOPSIS). To establish the efficacy of this methodology, the results are obtained after the evaluation have been tested on fifteen different web application projects (Online Quiz competition, Entrance Test, and others) of the Babasaheb Bhimrao Ambedkar University, Lucknow, India. The tabulated outcomes demonstrate that the methodology of the Multi-Level Fuzzy Hybrid system is highly effective in providing accurate estimation for strengthening the security of web applications. The proposed study will help experts and developers in developing and managing security from any web application design phase for better accuracy and higher security.     

Hesitant Fuzzy-Sets Based Decision-Making Model for Security Risk Assessment

Security is an important component in the process of developing healthcare web applications. We need to ensure security maintenance; therefore the analysis of healthcare web application's security risk is of utmost importance. Properties must be considered to minimise the security risk. Additionally, security risk management activities are revised, prepared, implemented, tracked, and regularly set up efficiently to design the security of healthcare web applications. Managing the security risk of a healthcare web application must be considered as the key component. Security is, in specific, seen as an add-on during the development process of healthcare web applications, but not as the key problem. Researchers must ensure that security is taken into account right from the earlier developmental stages of the healthcare web application. In this row, the authors of this study have used the hesitant fuzzy-based AHP-TOPSIS technique to estimate the risks of various healthcare web applications for improving security-durability. This approach would help to design and incorporate security features in healthcare web applications that would be able to battle threats on their own, and not depend solely on the external security of healthcare web applications. Furthermore, in terms of healthcare web application's security-durability, the security risk variable is measured, and vice versa. Hence, the findings of our study will also be useful in improving the durability of several web applications in healthcare.     

Hybrid Computational Modeling for Web Application Security Assessment

Transformation from conventional business management systems to smart digital systems is a recurrent trend in the current era. This has led to digital revolution, and in this context, the hardwired technologies in the software industry play a significant role However, from the beginning, software security remains a serious issue for all levels of stakeholders. Software vulnerabilities lead to intrusions that cause data breaches and result in disclosure of sensitive data, compromising the organizations’ reputation that translates into, financial losses as well. Most of the data breaches are financially motivated, especially in the healthcare sector. The cyber invaders continuously penetrate the E-Health data because of the high cost of the data on the dark web. Therefore, security assessment of healthcare web-based applications demands immediate intervention mechanisms to weed out the threats of cyber-attacks. The aim of this work is to provide efficient and effective healthcare web application security assessment. The study has worked with the hybrid computational model of Multi-Criteria Decision Making (MCDM) based on Analytical Hierarchy Process (AHP) and Technique for Order of Preference by Similarity to Ideal-Solutions (TOPSIS) under the Hesitant Fuzzy (HF) environment. Hesitant fuzzy sets provide effective solutions to address decision making problems where experts counter hesitation to make a decision. The proposed research endeavor will support designers and developers in identifying, selecting and prioritizing the best security attributes for web applications’ development. The empirical analysis concludes that Robustness got highest priority amongst the assessed security attributes set followed by Encryption, Authentication, Limit Access, Revoke Access, Data Validation, and Maintain Audit Trail. The results of this research endeavor depict that this proposed computational procedure would be the most conversant mechanism for determining the web application security. The study also establishes guidelines which the developers can refer for the identification and prioritization of security attributes to build more secure and trustworthy web-based applications.     

Managing Security-Risks for Improving Security-Durability of Institutional Web-Applications: Design Perspective

The advanced technological need, exacerbated by the flexible time constraints, leads to several more design level unexplored vulnerabilities. Security is an extremely vital component in software development; we must take charge of security and therefore analysis of software security risk assumes utmost significance. In order to handle the cyber-security risk of the web application and protect individuals, information and properties effectively, one must consider what needs to be secured, what are the perceived threats and the protection of assets. Security preparation plans, implements, tracks, updates and consistently develops safety risk management activities. Risk management must be interpreted as the major component for tackling security efficiently. In particular, during application development, security is considered as an add-on but not the main issue. It is important for the researchers to stress on the consideration of protection right from the earlier developmental stages of the software. This approach will help in designing software which can itself combat threats and does not depend on external security programs. Therefore, it is essential to evaluate the impact of security risks during software design. In this paper the researchers have used the hybrid Fuzzy AHP-TOPSIS method to evaluate the risks for improving security durability of different Institutional Web Applications. In addition, the e-component of security risk is measured on software durability, and vice versa. The paper’s findings will prove to be valuable for enhancing the security durability of different web applications.     

Network Quality Assessment in Heterogeneous Wireless Settings: An Optimization Approach

The identification of an effective network which can efficiently meet the service requirements of the target, while maintaining ultimate performance at an increased level is significant and challenging in a fully interconnected wireless medium. The wrong selection can contribute to unwanted situations like frustrated users, slow service, traffic congestion issues, missed and/or interrupted calls, and wastefulness of precious network components. Conventional schemes estimate the handoff need and cause the network screening process by a single metric. The strategies are not effective enough because traffic characteristics, user expectations, network terminology and other essential device metrics are not taken into account. This article describes an intelligent computing technique based on Multiple-Criteria Decision-Making (MCDM) approach developed based on integrated Fuzzy AHP-TOPSIS which ensures flexible usability and maximizes the experience of end-users in miscellaneous wireless settings. In different components the handover need is assessed and the desired network is chosen. Further, fuzzy sets provide effective solutions to address decision making problems where experts counter uncertainty to make a decision. The proposed research endeavor will support designers and developers to identify, select and prioritize best attributes for ensuring flexible usability in miscellaneous wireless settings. The results of this research endeavor depict that this proposed computational procedure would be the most conversant mechanism for determining the usability and experience of end-users.     

Estimating Security Risk of Healthcare Web Applications: A Design Perspective

In the recent years, the booming web-based applications have attracted the hackers’ community. The security risk of the web-based hospital management system (WBHMS) has been increasing rapidly. In the given context, the main goal of all security professionals and website developers is to maintain security divisions and improve on the user’s confidence and satisfaction. At this point, the different WBHMS tackle different types of security risks. In WBHMS, the security of the patients’ medical information is of utmost importance. All in all, there is an inherent security risk of data and assets in the field of the medical industry as a whole. The objective of this study is to estimate the security risk assessment of WBHMS. The risks assessment pertains to securing the integrity of the information in alignment with the Health Insurance Portability and Accountability Act. This includes protecting the relevant financial records, as well as the identification, evaluation, and prevention of a data breach. In the past few years, according to the US-based cyber-security firm Fire-eye, 6.8 million data thefts have been recorded in the healthcare sector in India. The breach barometer report mentions that in the year 2019, the data breaches found were up to 48.6% as compared to the year 2018. Therefore, it is very important to assess the security risk in WBHMS. In this research, we have followed the hybrid technique fuzzy analytic hierarchy process-technique for order of preference by similarity to ideal solution (F-AHPTOPSIS) approach to assess the security risk in WBHMS. The place of this empirical database is at the local hospital of Varanasi, U.P., India. Given the affectability of WBHMS for its board framework, this work has used diverse types of web applications. The outcomes obtained and the procedure used in this assessment would support future researchers and specialists in organizing web applications through advanced support of safety and security.     

Integrating Blockchain Technology into Healthcare Through an Intelligent Computing Technique

The blockchain technology plays a significant role in the present era of information technology. In the last few years, this technology has been used effectively in several domains. It has already made significant differences in human life, as well as is intended to have noticeable impact in many other domains in the forthcoming years. The rapid growth in blockchain technology has created numerous new possibilities for use, especially for healthcare applications. The digital healthcare services require highly effective security methodologies that can integrate data security with the available management strategies. To test and understand this goal of security management in Saudi Arabian perspective, the authors performed a numerical analysis and simulation through a multi criteria decision making approach in this study. The authors adopted the fuzzy Analytical Hierarchy Process (AHP) for evaluating the effectiveness and then applied the fuzzy Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) technique to simulate the validation of results. For eliciting highly corroborative and conclusive results, the study referred to a real time project of diabetes patients’ management application of Kingdom of Saudi Arabia (KSA). The results discussed in this paper are scientifically proven and validated through various analysis approaches. Hence the present study can be a credible basis for other similar endeavours being undertaken in the domain of blockchain research.     

Uncertain Knowledge Reasoning Based on the Fuzzy Multi Entity Bayesian Networks

With the rapid development of the semantic web and the ever-growing size of uncertain data, representing and reasoning uncertain information has become a great challenge for the semantic web application developers. In this paper, we present a novel reasoning framework based on the representation of fuzzy PR-OWL. Firstly, the paper gives an overview of the previous research work on uncertainty knowledge representation and reasoning, incorporates Ontology into the fuzzy Multi Entity Bayesian Networks theory, and introduces fuzzy PR-OWL, an Ontology language based on OWL2. Fuzzy PR-OWL describes fuzzy semantics and uncertain relations and gives grammatical definition and semantic interpretation. Secondly, the paper explains the integration of the Fuzzy Probability theory and the Belief Propagation algorithm. The influencing factors of fuzzy rules are added to the belief that is propagated between the nodes to create a reasoning framework based on fuzzy PR-OWL. After that, the reasoning process, including the SSFBN structure algorithm, data fuzzification, reasoning of fuzzy rules, and fuzzy belief propagation, is scheduled. Finally, compared with the classical algorithm from the aspect of accuracy and time complexity, our uncertain data representation and reasoning method has higher accuracy without significantly increasing time complexity, which proves the feasibility and validity of our solution to represent and reason uncertain information.     

基于需求层次模型的产品发展趋势预测方法

提出了一种从用户产品需求进化规律来定位目前产品发展阶段,寻找产品改进方向,预测未来发展趋势的方法。该方法建立了用户需求层次模型和用户需求到产品特性之间的映射关系,采用模糊聚类分析法对产品特征进行聚类分析,并用分析结果进行产品预测。最后以插线板特征分析为例,验证了该方法的可行性。     

用户需求下的安溪铁观音包装设计路径研究

目的 为解决安溪铁观音茶叶包装设计过程中的问题,本研究提出一种集成Kano-AHP-TOPSIS的茶叶包装设计路径。方法 首先,以安溪铁观音为研究对象,根据安溪铁观音消费需求,明确包装开发中视觉、功能、情感及文化等设计属性,从中总结归纳出二十二项设计中的用户需求因素,并基于Kano模型对其进行属性划分;其次,应用层次分析法(AHP)求解安溪铁观音包装设计中各需求因素权重,依据权重排序情况构思安溪铁观音包装设计方案;最后,运用AHP-TOPSIS法进行安溪铁观音包装设计方案的客观评价,以此验证所提出的路径在安溪铁观音包装设计中的可行性。结果 基于Kano-AHP-TOPSIS的安溪铁观音包装设计方案均优于现有包装设计。结论 基于用户需求集成的Kano-AHP-TOPSIS的茶叶包装设计路径可科学分析用户需求、合理聚焦设计因素、客观评价设计方案,可见该设计路径可为同类茶叶包装设计提供参考借鉴的思路。     

Probing the effects of culture on the communication of websites design

Cultural diversity makes it impossible for designers to depend on instinctive knowledge or personal experiences. Therefore, it is vital to understand the requirements, communication patterns, and mental models of users from diverse cultures. The aim of this research is to probe whether incorporating cultural factors into web design can improve the web communication (usability). In this research, two cultures are selected based on Hofstede's cultural dimension model, and the local website audit is further constructed to check if there are significantly different preferences for a web interface design between two cultures (Taiwanese and Australian cultures). The web usability experiment is then established to test if those culturally preferred characteristics can improve the web communication (usability). The results of the usability test reveal that cultural preferences can facilitate the web communication. Furthermore, the suggestions for cross-cultural interaction design are concluded based on the results of the web communication evaluation.

Relevance to human factors/ergonomics theory

This research is relevant to human factors/ergonomics theory.     

High-performance spider webs: integrating biomechanics,ecology and behaviour

Spider silks exhibit remarkable properties, surpassing most natural and synthetic materials in both strength and toughness. Orb-web spider dragline silk is the focus of intense research by material scientists attempting to mimic these naturally produced fibres. However, biomechanical research on spider silks is often removed from the context of web ecology and spider foraging behaviour. Similarly, evolutionary and ecological research on spiders rarely considers the significance of silk properties. Here, we highlight the critical need to integrate biomechanical and ecological perspectives on spider silks to generate a better understanding of (i) how silk biomechanics and web architectures interacted to influence spider web evolution along different structural pathways, and (ii) how silks function in an ecological context, which may identify novel silk applications. An integrative, mechanistic approach to understanding silk and web function, as well as the selective pressures driving their evolution, will help uncover the potential impacts of environmental change and species invasions (of both spiders and prey) on spider success. Integrating these fields will also allow us to take advantage of the remarkable properties of spider silks, expanding the range of possible silk applications from single threads to two- and three-dimensional thread networks.     

A Unified Decision-Making Technique for Analysing Treatments inPandemicContext

The COVID-19 pandemic has triggered a global humanitarian disaster that has never been seen before. Medical experts, on the other hand, are undecided on the most valuable treatments of therapy because people ill with this infection exhibit a wide range of illness indications at different phases of infection. Further, this project aims to undertake an experimental investigation to determine which treatments for COVID-19 disease is the most effective and preferable. The research analysis is based on vast data gathered from professionals and research journals, making this study a comprehensive reference. To solve this challenging task, the researchers used the HF AHP-TOPSIS Methodology, which is a well-known and highly effective Multi-Criteria Decision Making (MCDM) technique. The technique assesses the many treatment options identified through various research papers and guidelines proposed by various countries, based on the recommendations of medical practitioners and professionals. The review process begins with a ranking of different treatments based on their effectiveness using the HF-AHP approach and then evaluates the results in five different hospitals chosen by the authors as alternatives. We also perform robustness analysis to validate the conclusions of our analysis. As a result, we obtained highly corroborative results that can be used as a reference. The results suggest that convalescent plasma has the greatest rank and priority in terms of effectiveness and demand, implying that convalescent plasma is the most effective treatment for SARS-CoV-2 in our opinion. Peepli also has the lowest priority in the estimation.     

Unsupervised tissue classification of brain MR images for voxel‐based morphometry analysis

In this article, a fully unsupervised method for brain tissue segmentation of T1‐weighted MRI 3D volumes is proposed. The method uses the Fuzzy C‐Means (FCM) clustering algorithm and a Fully Connected Cascade Neural Network (FCCNN) classifier. Traditional manual segmentation methods require neuro‐radiological expertise and significant time while semiautomatic methods depend on parameter's setup and trial‐and‐error methodologies that may lead to high intraoperator/interoperator variability. The proposed method selects the most useful MRI data according to FCM fuzziness values and trains the FCCNN to learn to classify brain’ tissues into White Matter, Gray Matter, and Cerebro‐Spinal Fluid in an unsupervised way. The method has been tested on the IBSR dataset, on the BrainWeb Phantom, on the BrainWeb SBD dataset, and on the real dataset “University of Palermo Policlinico Hospital” (UPPH), Italy. Sensitivity, Specificity, Dice and F‐Factor scores have been calculated on the IBSR and BrainWeb datasets segmented using the proposed method, the FCM algorithm, and two state‐of‐the‐art brain segmentation software packages (FSL and SPM) to prove the effectiveness of the proposed approach. A qualitative evaluation involving a group of five expert radiologists has been performed segmenting the real dataset using the proposed approach and the comparison algorithms. Finally, a usability analysis on the proposed method and reference methods has been carried out from the same group of expert radiologists. The achieved results show that the segmentations of the proposed method are comparable or better than the reference methods with a better usability and degree of acceptance.     

Benchmarking Approach to Compare Web Applications Static Analysis Tools Detecting OWASP Top Ten Security Vulnerabilities

To detect security vulnerabilities in a web application, the security analyst must choose the best performance Security Analysis Static Tool (SAST) in terms of discovering the greatest number of security vulnerabilities as possible. To compare static analysis tools for web applications, an adapted benchmark to the vulnerability categories included in the known standard Open Web Application Security Project (OWASP) Top Ten project is required. The information of the security effectiveness of a commercial static analysis tool is not usually a publicly accessible research and the state of the art on static security tool analyzers shows that the different design and implementation of those tools has different effectiveness rates in terms of security performance. Given the significant cost of commercial tools, this paper studies the performance of seven static tools using a new methodology proposal and a new benchmark designed for vulnerability categories included in the known standard OWASP Top Ten project. Thus, the practitioners will have more precise information to select the best tool using a benchmark adapted to the last versions of OWASP Top Ten project. The results of this work have been obtaining using widely acceptable metrics to classify them according to three different degree of web application criticality.     

基于动态模糊关联规则推理的光网络故障管理(英文)

当代光网络趋于复杂化,一个故障将引发多个告警事件。同时,同一告警可能由不同的故障导致。本文研究了基于数据挖掘的光网络告警相关性分析,我们从动态网络资源与设备中挖掘关联规则,充分利用和维护原有规则知识,使网络结构和规则库都能快速更新,并提出了新型的动态模糊关联规则挖掘算法IDFARM。同时运用模糊逻辑将数值型告警属性转化为逻辑语言变量,当网络中有新的未知告警发生时,我们对模糊关联规则运用模糊推理来进行故障诊断,这将缩短网络恢复时间,有利于提高光网络故障管理性能。仿真实验验证了文章算法的正确性和有效性。     

Optimal Confidential Mechanisms in Smart City Healthcare

Smart City Healthcare (SHC²) system is applied in monitoring the patient at home while it is also expected to react to their needs in a timely manner. The system also concedes the freedom of a patient. IoT is a part of this system and it helps in providing care to the patients. IoT-based healthcare devices are trustworthy since it almost certainly recognizes the potential intensifications at very early stage and alerts the patients and medical experts to such an extent that they are provided with immediate care. Existing methodologies exhibit few shortcomings in terms of computational complexity, cost and data security. Hence, the current research article examines SHC² security through Light Weight Cipher (LWC) with Optimal S-Box model in PRESENT cipher. This procedure aims at changing the sub bytes in which a single function is connected with several bytes’ information to upgrade the security level through Swam optimization. The key contribution of this research article is the development of a secure healthcare model for smart city using SHC² security via LWC and Optimal S-Box models. The study used a nonlinear layer and single 4-bit S box for round configuration after verifying SHC² information, constrained by Mutual Authentication (MA). The security challenges, in healthcare information systems, emphasize the need for a methodology that immovably concretes the establishments. The methodology should act practically, be an effective healthcare framework that depends on solidarity and adapts to the developing threats. Healthcare service providers integrated the IoT applications and medical services to offer individuals, a seamless technology-supported healthcare service. The proposed SHC² was implemented to demonstrate its security levels in terms of time and access policies. The model was tested under different parameters such as encryption time, decryption time, access time and response time in minimum range. Then, the level of the model and throughput were analyzed by maximum value i.e., 50 Mbps/sec and 95.56% for PRESENT-Authorization cipher to achieve smart city security. The proposed model achieved better results than the existing methodologies.     

Webometrics benefitting from web mining? An investigation of methods and applications of two research fields

Webometrics and web mining are two fields where research is focused on quantitative analyses of the web. This literature review outlines definitions of the fields, and then focuses on their methods and applications. It also discusses the potential of closer contact and collaboration between them. A key difference between the fields is that webometrics has focused on exploratory studies, whereas web mining has been dominated by studies focusing on development of methods and algorithms. Differences in type of data can also be seen, with webometrics more focused on analyses of the structure of the web and web mining more focused on web content and usage, even though both fields have been embracing the possibilities of user generated content. It is concluded that research problems where big data is needed can benefit from collaboration between webometricians, with their tradition of exploratory studies, and web miners, with their tradition of developing methods and algorithms.     

Efficient impulse noise removal using hybrid neuro-fuzzy filter with optimized intelligent water drop technique

Impulse noise (IN) affects the digital image, during transmission, digital storage, and image acquisition. IN removal from an image is necessary as it retains the quality of the image. This work concentrates on the IN. A neuro-fuzzy (NF) system based on a fuzzy technique which is trained by a learning algorithm derived from neural network theory was implemented for the removal of noise. A NF network for noise filtering in grayscale images that combines two NF filters with a postprocessor to produce the output was presented. However, Sugeno-type is not intuitive technique and it also less accurate. To overcome these problems, a hybrid NF filter with optimized intelligent water drop (IWD) technique is introduced, where hybridized Sugeno–Mamdani-based fuzzy interference system is implemented in both the NF filters to obtain more efficient noise removal system. To improve the accuracy of the assignment of membership values to each input pixels, the optimized IWD technique is utilized, as the choice of membership function decides the efficiency of the noise removal in the images. Here, Fuzzy rules have been used to obtain the filtered output. The Hybrid method maintains the accuracy of the Sugeno model and also the interpretable capability of the Mamdani model. This method is robust against the IN and it is flexible, efficient, and accurate than existing filtering method in both noise attenuation and detail preservation and it has a great scope for better real-time applications.