2,276 Hits in 3.5 sec

Release Management With Continuous Delivery: A Case Study

A. Maruf Aytekin
2014 Zenodo  
The main benefits of this approach lie in the ability to release new applications rapidly which has real strategic impact on the competitive advantage of an organization.  ...  Organizations that successfully implement Continuous Delivery have the ability to evolve rapidly to support innovation, provide stable and reliable software in more efficient ways, decrease the amount  ...  Automate the Build Builds are started on CI server automatically as soon as a change detected on SCM. 6.  ... 
doi:10.5281/zenodo.1096185 fatcat:tzz4pgbl2rh63o27x66dgcc7cq

Security Smells in Ansible and Chef Scripts: A Replication Study [article]

Akond Rahman and Md. Rayhanur Rahman and Chris Parnin and Laurie Williams
2020 arXiv   pre-print
Goal: The goal of this paper is to help practitioners avoid insecure coding practices while developing infrastructure as code scripts through an empirical study of security smells in Ansible and Chef scripts  ...  As infrastructure as code (IaC) scripts, such as Ansible and Chef scripts, are used to provision cloud-based servers and systems at scale, security smells in IaC scripts could be used to enable malicious  ...  We also thank Farzana Ahamed Bhuiyan of Tennessee Technological University for help in expanding the oracle dataset for SLAC's evaluation.  ... 
arXiv:1907.07159v2 fatcat:sean2vmobvdh3od542cjfutuoe

Automatic Extraction of Indicators of Compromise for Web Applications

Onur Catakoglu, Marco Balduzzi, Davide Balzarotti
2016 Proceedings of the 25th International Conference on World Wide Web - WWW '16  
In this paper we propose for the first time an automated technique to extract and validate IOCs for web applications, by analyzing the information collected by a high-interaction honeypot.  ...  Also in the other compromised sites the script was included at the same place in the code as it is shown in Figure 1 , and all the defaced pages looked identical when visited.  ...  For example, these pages often rely on Java-Script code to perform a wide range of actions.  ... 
doi:10.1145/2872427.2883056 dblp:conf/www/CatakogluBB16 fatcat:bdpzdhpnjveepjlevalvrtzdoe

Anti-Patterns in Infrastructure as Code

Akond Rahman
2018 2018 IEEE 11th International Conference on Software Testing, Verification and Validation (ICST)  
The goal of this thesis is to help practitioners in increasing quality of IaC scripts by identifying development and security anti-patterns in the development of infrastructure as code scripts.  ...  In continuous deployment, infrastructure as code (IaC) scripts are used by practitioners to create and manage an automated deployment pipeline that enables information technology (IT) organizations to  ...  RQ1: What security anti-patterns occur in infrastructure as code scripts? Description of SLIC SLIC is a static analysis tool for detecting security smells in IaC scripts.  ... 
doi:10.1109/icst.2018.00057 dblp:conf/icst/Rahman18 fatcat:vrytux7oi5aatdr5cvg5bpuuee

Static Malware Analysis Using Machine Learning

Ambuj Dubey, Aman Prakash
Malware detection is an important factor in Internet-based equipment security Increased malware exploitation Daily internet has become a major threat.  ...  use of machine learning techniques can detect malware effectively and efficiently  ...  Lochan Gowda M for his guidance in this project.  ... 
doi:10.6084/m9.figshare.14997699.v1 fatcat:zd3esi52brbi7k6ccvwzbwxmte

Advances in Cyber Security

Rohit Raosaheb Yadav
2018 International Journal of Engineering Research and  
Cyberspace and its underlying infrastructure are vulnerable to a wide range of risk from both physical and cyber threats.  ...  Hence, we see the Cyber-Security domain making a way forward in today's global industry. Each day there is an advancement in each domain and technology.  ...  Cross-Site Scripting Cross-site scripting (XSS) flaws give attackers the capability to inject client-side scripts into the application, for example, to redirect users to malicious websites.  ... 
doi:10.17577/ijertv7is030091 fatcat:mfgwqlrlefb5daewksougq3hvq

A Multi-stage Approach for Reliable Dynamic Reconfigurations of Component-Based Systems [chapter]

Pierre-Charles David, Marc Léger, Hervé Grall, Thomas Ledoux, Thierry Coupaye
2008 Lecture Notes in Computer Science  
It uses a multistage approach in order to deal with the different kinds of possible errors in the most appropriate way; in particular, the goal is to detect errors as early as possible to minimize their  ...  Reconfigurations are expressed in a restricted, domain-specific language in order to allow different levels of static and dynamic validation, thus detecting errors before executing the reconfiguration  ...  Static Analysis with Respect to the Architecture Model The first stage in the validation chain loads the source code of the reconfiguration script into the chain.  ... 
doi:10.1007/978-3-540-68642-2_9 fatcat:mwya3kde7fgq5jgjo2un2qfqnm

Development nature matters: An empirical study of code clones in JavaScript applications

Wai Ting Cheung, Sukyoung Ryu, Sunghun Kim
2015 Empirical Software Engineering  
We observed that web application developers created clones intentionally and such clones may not be as risky as claimed in previous studies.  ...  In this paper, we report a large-scale clone detection experiment in a dynamically-typed programming language, JavaScript, for different application domains: web pages and standalone projects.  ...  Our work differs from theirs in that they removed the script and style tags in web applications and clustered the remaining HTML tags while we focus on detecting code clones of JavaScript in the script  ... 
doi:10.1007/s10664-015-9368-6 fatcat:rnl5bp7vgrgtjlpex6k5z54w4m

A Monitoring Approach for Safe IPv6 Renumbering

Frederic Beck, Isabelle Chrisment
2006 2006 International Multi-Conference on Computing in the Global Information Technology - (ICCGI'06)  
It is also one of the most risky procedure which needs special attention in the management plane.  ...  We also present an implementation of a monitoring framework and share the experience gained in its deployment.  ...  This plugin consists in a script which is run when a modification in the addressing is detected.  ... 
doi:10.1109/iccgi.2006.3 fatcat:gbthyk5c6zamnpngr272zdv6oy

The do's and don'ts of infrastructure code: A systematic grey literature review

Indika Kumara, Martín Garriga, Angel Urbano Romeu, Dario Di Nucci, Damian Andrew Tamburri, Willem-Jan van den Heuvel, Fabio Palomba
2021 Information and Software Technology  
Context: Infrastructure-as-code (IaC) is the DevOps tactic of managing and provisioning software infrastructures through machine-readable definition files, rather than manual hardware configuration or  ...  We evidence that the field of development and maintenance IaC is in its infancy and deserves further attention.  ...  [20] detected violations of Docker best practices, while Dai et al. [21] leveraged static code analysis and rule-based reasoning to detect risky IaC artifacts. Finally, Sotiropoulos et al.  ... 
doi:10.1016/j.infsof.2021.106593 fatcat:w5kon4duavb7bj4ltkcaz6hrwu

High-contrast Imager for Complex Aperture Telescopes (HiCAT): 6. Software Control Infrastructure and Calibration [article]

Christopher Moriarty, Keira Brooks, Remi Soummer, Marshall Perrin, Thomas Comeau, Gregory Brady, Rob Gontrum, Peter Petrone
2019 arXiv   pre-print
Our software infrastructure enables 24/7 automated operation of high-contrast imaging experiments while monitoring for safe operating parameters, along with graceful shutdown processes for unsafe conditions  ...  The infrastructure also includes a calibration suite that can run nightly to catch regressions and track optical performance changes over time, and a testbed simulator to support software development and  ...  ACKNOWLEDGMENTS This work is supported in part by the National Aeronautics and Space Administration under Grants NNX12AG05G and NNX14AD33G issued through the Astrophysics Research and Analysis (APRA) program  ... 
arXiv:1903.03192v1 fatcat:6f2wjpxfv5g4nhlxiio5boqrti

A Review on Cyber Security and the Fifth Generation Cyberattacks

A. Saravanan, S. Sathya Bama
2016 Oriental journal of computer science and technology  
Cyberattacks has become quite common in this internet era.  ...  Various cyber security threats are presented along with the machine learning algorithms that can be applied on cyberattacks detection.  ...  Acknowledgements This research has not received any specific grant from funding agencies in the public, commercial, or not-for-profit sectors. The authors declare no conflict of interest.  ... 
doi:10.13005/ojcst12.02.04 fatcat:e4ro2yahenherk5i7j57gl4bcq

Frameworks for Performing on Cloud Automated Software Testing Using Swarm Intelligence Algorithm: Brief Survey

Mohammad Hossain, Sameer Abufardeh, Sumeet Kumar
2018 Advances in Science, Technology and Engineering Systems  
These frameworks are found to be more efficient and cost effective because they execute test suites over a distributed cloud infrastructure.  ...  In this paper, we discuss few of the available automated software testing frameworks on the cloud.  ...  The idea is that the more two test cases are dissimilar textually the more they are likely to detect faults in different part of the source code [25, 28] .  ... 
doi:10.25046/aj030229 fatcat:y36ce3hfazhuxnyd25dgk6eiva

Script-Based Generation of Dynamic Testbeds for SOA

Lukasz Juszczyk, Schahram Dustdar
2010 2010 IEEE International Conference on Web Services  
Furthermore, by exploiting the advantages of the Groovy language, Genesis2 provides an intuitive yet powerful scripting interface for testbed control.  ...  Genesis2 supports engineers in modeling testbeds and programming their behavior.  ...  First of all, the usage of closures, which encapsulate userdefined code, for customizations of behavior is definitely risky.  ... 
doi:10.1109/icws.2010.75 dblp:conf/icws/JuszczykD10 fatcat:f5vgea6h35hxlb3axd4z3nm3oa

Script-Based Generation of Dynamic Testbeds for SOA [chapter]

Lukasz Juszczyk, Schahram Dustdar
2011 Socially Enhanced Services Computing  
Furthermore, by exploiting the advantages of the Groovy language, Genesis2 provides an intuitive yet powerful scripting interface for testbed control.  ...  Genesis2 supports engineers in modeling testbeds and programming their behavior.  ...  First of all, the usage of closures, which encapsulate userdefined code, for customizations of behavior is definitely risky.  ... 
doi:10.1007/978-3-7091-0813-0_4 fatcat:utjcqg7sjfaexebluwepw4x3n4
« Previous Showing results 1 — 15 out of 2,276 results