The use of mobile devices is rising daily in this technological era. A continuous and increasing number applications are constantly offered on marketplaces to fulfil the needs smartphone users. Many Android do not address security aspects appropriately. This often due a lack automated mechanisms identify, test, fix source code vulnerabilities at early stages design development. Therefore, need ...

Smart contracts are decentralized applications running on Blockchain. A very large number of smart has been deployed Ethereum. Meanwhile, security flaws have led to huge pecuniary losses and destroyed the ecological stability contract layer It is thus an emerging yet crucial issue effectively efficiently detect vulnerabilities in contracts. Existing detection methods like Oyente Securify mainly...

Mobile Ad-hoc Networks (MANETs) by contrast of other networks have more vulnerability because of having nature properties such as dynamic topology and no infrastructure. Therefore, a considerable challenge for these networks, is a method expansion that to be able to specify anomalies with high accuracy at network dynamic topology alternation. In this paper, two methods proposed for dynamic anom...

Traditionally, network administrators rely on labor-intensive processes for tracking network configurations and vulnerabilities. This requires a great deal of expertise, and is error prone because of the complexity of networks and associated security data. The interdependencies of network vulnerabilities make traditional point-wise vulnerability analysis inadequate. We describe a Topological Vu...

Modern-day attackers tend to use sophisticated multi-stage/multi-host attack techniques and anti-forensics tools to cover their attack traces. Due to the limitations of current intrusion detection and forensic anal­ ysis tools, reconstructing attack scenarios from evidence left behind by the attackers of an enterprise system is challenging. In particular, re­ constructing attack scenarios by us...

Modern-day attackers tend to use sophisticated multi-stage/multi-host attack techniques and anti-forensics tools to cover their attack traces. Due to the current limitations of intrusion detection systems (IDS) and forensic analysis tools, the evidence can be a false positive or missing. Besides, the number of security events is so large that finding an attack pattern is like finding a needle i...

Vulnerability scanning and installing software patches for known vulnerabilities greatly affects the utility of network-based intrusion detection systems that use signatures to detect system compromises. A detailed timeline analysis of important remote-to-local vulnerabilities demonstrates (1) Vulnerabilities in widely-used server software are discovered infrequently (at most 6 times a year) an...

As a result of the increased dependency on obtaining information and connecting each computer together for ease of access/communication, organizations risk being attacked and losing private information through breaches or insecure business activities. To help protect organizations and their assets, companies need to develop a strong understanding of the risks imposed on their company and the se...