Topics - sagar.swe

1
The usage of mobile applications has increased rapidly in recent days. It is also becoming more popular in recent business applications where multiple users are connected through a mobile application to complete the business circle. In this respect, the demand for quality mobile applications is increasing. Usability is the main quality factor for enhancing the quality of an application. For this reason, usability improvement is getting more priority for this kind of application. So, discovering the experiences of the users can lead to improving the usability of mobile applications. For this, we introduce the Fuzzy Association Rule algorithm (FAR), based on fuzzy association rule mining, to discover the experience of the mobile application's users. To validate our approach, we consider a supply chain management system where multiple users are linked through the mobile application. In this paper, we examine twelve usability factors that are extracted from ten usability evaluation models to improve the usability. After conducting our experiment, we get knowledge from the users of the mobile application that can be used for the improvement of usability. We get several experiment outcomes and knowledge that can be implemented in practice.

2
In order to play a larger role in software engineering tools, static analysis techniques must take into account the specific needs of this application area, in particular in terms of interaction with the user and scalability. This new perspective requires a reexamination of the field of static program analysis, both internally and in connection with related areas like theorem proving and debugging.

Check : 

3
Experimental software engineering is a part of software engineering that focuses on the experiment of software engineering related to the concept, gathering evidence on the specific domain in software engineering throughout the experiment. Sometimes, it is called experimental software engineering. Empirical software engineering emphasizes the use of empirical studies of all kinds to accumulate knowledge. Methods used include experiments, case studies, surveys, and using whatever data is available.

Magne Jørgensen is the man who introduced this area and together with Tore Dyba and Barbara Kitchenham, he has launched a method for systematic review of empiric experiences in the development of ICT projects, called Evidence-based software engineering.

4
Tools for Cyber Security / Cybersecurity Tools
« on: July 09, 2015, 10:02:45 PM »
Vulnerability Scanners

nmap - Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing.

Nessus - For security practitioners who assess complex enterprise networks for security flaws and compliance issues, Nessus is the world's most widely-deployed vulnerability and configuration assessment product.

OpenVAS - OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.
Forensic

FTK Imager - FTK is a court-accepted digital investigations platform that is built for speed, analytics and enterprise-class scalability. Known for its intuitive interface, email analysis, customizable data views and stability, FTK lays the framework for seamless expansion, so your computer forensics solution can grow with your organization’s needs.

SANS Investigative Forensic Toolkit (SIFT) - The SIFT Workstation is a VMware appliance, pre-configured with the necessary tools to perform detailed digital forensic examination in a variety of settings. It is compatible with Expert Witness Format (E01), Advanced Forensic Format (AFF), and raw (dd) evidence formats. The brand new version has been completely rebuilt on an Ubuntu base with many new capabilities and tools such as log2timeline that provides a timeline that can be of enormous value to investigators.
Penetration Testing

Metasploit - Simplifies network discovery and vulnerability verification, increasing the effectiveness of vulnerability scanners such as Nexpose — for free.

Paros - Web Scanner
Reverse Engineering

OllyDbg - OllyDbg is a 32-bit assembler level analysing debugger for Microsoft® Windows®. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable.
Network and Security Traffic Analysis

SiLK - SiLK, the System for Internet-Level Knowledge, is a collection of traffic analysis tools developed by the CERT Network Situational Awareness Team (CERT NetSA) to facilitate security analysis of large networks. The SiLK tool suite supports the efficient collection, storage, and analysis of network flow data, enabling network security analysts to rapidly query large historical traffic data sets.

5
Tools for Cyber Security / Cyber Security tools list
« on: July 09, 2015, 09:58:30 PM »
This list is a collection of cyberwarfare and cybercrime tools. Security tools that have been collected from the internet can be found here. They all have a legitimate and trustworthy source.

The tools that criminals use are mostly the same tools that security experts use to audit their systems. This goes the same for cyberwarfare and cybercrime tools. Cyberwarfare or hacktivism tools like DDOS scripts are used by pentesting experts to pentest and audit an environment.

Security tools like Firewall Analyzers and password cracking tools are needed to create and provide secure environments. This list offers a wide range of tools: real time protection tools, portable anti virus programs, anti rootkit tools, sniffing tools and several company provided tools.
Backbox

Pro-actively protect your IT infrastructure with BackBox. It is the perfect security solution; providing pen-testing, incident response, computer forensics, and intelligence gathering tools. The most current release of BackBox Linux includes the latest software solutions for vulnerability analysis/assessment and pen-testing. It is one of the lightest/fastest Linux distros available on the Internet.

Download Backbox 2013
Kali Linux

From the creators of BackTrack comes Kali Linux, the most advanced and versatile penetration testing distribution ever created. BackTrack has grown far beyond its humble roots as a live CD and has now become a full-fledged operating system. With all this buzz, you might be asking yourself: – What’s new ?
Security tools

You can find a lot of security tools on the internet. But it is hard to find the right tool for the right job. Here you will be able to download firewall analyzers and several security tools. Cyberwarzone has listed these tools for you.

    If you believe we missed out on a security tool you can send us a message or simply post it as a comment.

Real time protection
Avast!    Free
Ad-Aware    Free
AVG    Free
Panda Cloud    Free
Avira free antivirus    Free
Microsoft Security Essentials    Free
Comodo    Free
Fprot (with Returnil)    Free
PC Tools Free    Free
FortiClient Lite    Free
Unthreat Antivirus    Free
Preventon    Free
Rising    Free
Zillya!    Free
NANO    Free
Digital Defender    Free
ClearSight    Free
Zoner    Free
BkavHome    Free
CMC Infosec    Free
Clam Sentinel    Free
Moon Secure    Free
ZenOK    Free
Ainvo Antivirus    Free
Portable anti-virus programs
DrWeb cureit
Emsisoft Emergency USB Stick files
Avira DE-Cleaner
Microsoft Safety Scanner
AVZ / AVZ database
Norman malware cleaner
Superantispyware
Panda ActiveScan Cleaner
Trendmicro Sysclean
NoVirusThanks
ArcaVir MicroScan
Zillya! Scanner
Spybot Portable
ClamWin Portable
Guardiano Assembler
Anti Root kit
TDSS Killer
Avast MBR Scanner
Gmer
RootRepeal
Kernel Detective
SpyDllRemover
VBA anti-rootkit
Sanity check
Rootkit Unhooker
Bitdefender Bootkit Removal Tool
RootkitRemover
mbr tool
catchme
Rootkitty
Kill bootkits
Hypersight Rootkit Detector
Rkdetector
Firewall analyzer

Security is effective when you know what is going on in your environment. Most of us protect ourselves with Firewalls, IDS, IPS and multiple monitor tools.

These devices and tools all create logfiles that can be analyzed to
Firewall Analyzers Software    Free / Paid    Download link
Firemon    Paid    http://www.firemon.com
Barracudanetworks    Paid    http://www.barracudanetworks.com
Splunk    Paid    http://www.splunk.com
Monitor tools

If you want to monitor your environment you can use these monitor tools to find out what is happening in your environment.
Monitor tools Software    FREE / Paid    Download link
Zenoss Core    Free    http://community.zenoss.org/
NTA Monitor    Free    http://www.nta-monitor.com/tools/ike-scan/
Sniffers

Do you need to analyze a packet? You can use these packet analyzers to sniff packets that cross your network. You can analyze network problems, detect network intrusion attempts and more.
Sniffers Software    Free / Paid    Download link
Wireshark    Free    http://www.wireshark.org
      

Code Review Tools

Tools to review code.
Code Review Tools Software    Free / Paid    Download link
Rough Auditing Tool for Security    Free    https://www.fortify.com
Config Review Tools

Tools to review config files.
Config Review Tools Software    Free / Paid    Download link
Apache Benchmark    Free    http://www.cisecurity.org/
Microsoft Best Practice Analyzer    Paid    http://www.microsoft.com
Database Tools
Database Tools Software    Free / Paid    Download link
SQL Server Express Utility    Free    http://www.microsoft.com
MySQL Command-Line Tool    Free    http://dev.mysql.com/
Leviathan    Free    http://leviathan.sourceforge.net/
WinSQL without installer    Free    http://web.synametrics.com/rawfiles.htm
Debugging Tools
Debugging Tools Software    Free / Paid    Download link
OllyDbg    Free    http://www.ollydbg.de/
Forensic Tools
Forensic Tools Software    Free / Paid    Download link
Mandiant Red Curtain    Free    http://www.mandiant.com/
Mandiant Red Line    Free    http://www.mandiant.com/
Fuzzer Tools
Fuzzer Tools Software    Free / Paid    Download link
Skipfish    Free    http://code.google.com/p/skipfish/
WSFuzzer Project    Free    https://www.owasp.org/
FileFuzz    Free    http://www.securiteam.com/tools
Fuzzdb    Free    http://code.google.com/p/fuzzdb/
SAP tools
SAP Tools Software    Free / Paid    Download link
SAPYTO    Free    http://www.security-database.com/

LIVE CD’s
LIVE ISO Software    Free / Paid    Download link
Backtrack    Free    http://www.backtrack-linux.org/
Hiren    Free    http://www.hiren.info/pages/bootcd
Great Tool resources
Other resources Software    Free / Paid    Download link
HackArmoury    Free    http://hackarmoury.com/tools
Microsoft    Free    http://www.microsoft.com/download/
Phenoelit    Free    http://phenoelit.org/fr/tools.html
techsupportalert    Free    Massive tools list
Kaspersky Free Tools
Kaspersky Virus Removal Tool    free    Virus Removal Tool is a utility designed to remove all types of infections from your computer. It implies effective algorithms of detection used by Kaspersky Anti-Virus and AVZ. It cannot substitute a resident antivirus application.

http://www.kaspersky.com/antivirus-removal-tool-register
Kaspersky Rescue Disk 10    free    Kaspersky Rescue Disk is designed to scan, disinfect and restore infected operating systems. It should be used when it is impossible to boot the operating system.

http://rescuedisk.kaspersky-labs.com/rescuedisk/updatable/kav_rescue_10.iso
Kaspersky Security Scan    free    Kaspersky Security Scan provides a free-of-charge, easy way to find viruses and other threats that may be hidden on your PC… plus get advice on your PC’s security status.

http://products.kaspersky-labs.com/products/multilanguage/special/kss2/kss12.0.1.117mlg_en_ru_fr_de.exe

Burp Suite

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities.

6
History & Latest Cyber crime / A brief history of internet security
« on: July 09, 2015, 09:10:24 PM »
1970s

The 1970s was a timeframe in information security history largely untouched by digital calamity, but marked more so by the exploration of emerging telecommunications technology. The first modern day hackers appeared as they attempted to circumvent the system and make free phone calls, a practice that became known as "phreaking." Perhaps the most publicly well-known phreaker was John Draper, a.k.a. Captain Crunch, who helped pioneer the practice. Draper was later arrested and convicted on charges related to his nefarious phreaking activities multiple times.

1980s

The 1980s saw the birth of computer clubs. This decade subsequently ushered in the era of malware, marking the first virus, named "Brain", in 1986 as well as the infamous Morris Worm in 1988. The Computer Fraud and Abuse Act was instituted in 1986 and for the first time, a computer hacker, Kevin Poulsen, was featured on America's Most Wanted. Poulsen was finally arrested in 1991, after spending several years as a fugitive. Since his release from prison, however, he has reinvented himself as a journalist and at one point, regularly wrote for the online computer security news portal SecurityFocus, which was purchased by Symantec in 2002.

1990s

The 1990s brought with them the dawn of the modern information security industry. Notable threats witnessed during this decade included the Michelangelo virus, Melissa, and Concept. Distributed denial of service attacks and the bots that made them possible were also born, such as Trin00, Tribal Flood network and Stacheldraht.

Beyond malware, AOL suffered through the first real phishing attacks as fraudsters aimed their efforts at stealing users' credentials. Privacy watchdogs called out in concern as tracking cookies were born, allowing ad networks to monitor user surfing behaviors in a rudimentary fashion.

2000s

The first decade of the 21st Century saw malicious Internet activity turn into a major criminal enterprise aimed at monetary gain. Adware and spyware entered the scene with such programs as Conducent TimeSink, Aureate/Radiate and Comet Cursor.

7
History & Latest Cyber crime / Credit Cards Under Attack
« on: July 09, 2015, 09:07:39 PM »
As we moved into the new millennium things changed radically as cyber-attacks became more targeted, most notably with the first serial data breach of credit card numbers. Between 2005 and 2007, Albert Gonzalez masterminded a criminal ring that stole information from at least 45.7 million payment cards used by customers of US retailer TJX, which owns TJ Maxx, and UK outlet TK Maxx. This was a massive compromise of security on a scale which was previously unheard of and underlined the huge impact that such breaches can have, reportedly costing the company some $256 million.

This is where things became more serious. The data involved in these breaches was regulated and therefore incidents required the notification of authorities and for funds to be set aside to compensate victims. Companies found out the hard way the dire consequences of being unprotected and began to arm themselves with more sophisticated security systems specifically designed to cope with this new reality.

8
History & Latest Cyber crime / The First Viruses (1990s)
« on: July 09, 2015, 09:06:13 PM »
From here on viruses went, well, viral and dominated the headlines. The Melissa and ILOVEYOU viruses infected tens of millions of PCs, causing email systems around the globe to fail, all with little strategic objective or clear financial motivation. These threats led to the development of antivirus technology in order to spot the signature of the virus and prevent it from executing. Equally as important, these threats also played a huge role in driving the awareness of computer users of the risks of reading emails from untrusted sources and opening their attachments. This realization was not lost on companies, as it became clear that if viruses were to spread from corporate email accounts, questions about the security and integrity of the company could be brought into the public eye.

9
History & Latest Cyber crime / The First Computer Worm
« on: July 09, 2015, 09:05:13 PM »
In 1989, Robert Morris created what is now widely acknowledged as the first computer worm. This self-propagating virus spread so aggressively and rapidly that it succeeded in closing down much of the internet. While other subsequent attacks have gained far more notoriety, the Morris worm was a landmark incident in that it was the first widespread instance of a denial-of-service (DoS) attack. Due to the infancy of the internet at the time, the impact was nowhere near as devastating as it would be today. However, it laid the groundwork for the kinds of security issues that we've seen ever since.

The Morris worm and the early nuisance attacks that followed were early instances of having to deal with, and respond to, cyber-security attacks. They ultimately led to the security industry as we know it – including the establishment of CERTs (Computer Emergency Response Teams) as a central point for co-ordinating responses to these kinds of emergencies. The initial reaction from the industry followed the old adage ‘prevention is better than a cure’, giving rise to what has become a litany of preventative and detective security products.

10


The issue of computer security first arose in the 1970s as individuals began to break into telephone systems. As technology advanced, computer systems became targets as well. The Federal Bureau of Investigation (FBI) made one of its first arrests related to computer hacking in the early 1980s. A group of hackers known as the 414s, named after their area code in Milwaukee, Wisconsin, were indicted for attacking 60 different computer systems including the Los Alamos National Laboratory and the Memorial Sloan-Kettering Cancer Center. Computer security breaches like these became increasingly commonplace throughout the 1980s, prompting the passage of the Computer Fraud and Abuse Act. The new legislation allowed more stringent punishments to be levied against individuals caught illegally abusing computer systems. Later in the decade, a 25-year-old hacker named Kevin Mitnick began tapping into the e-mail system used by computer security managers at both Digital Equipment Corp. and MCI Communications Corp. As a result, Mitnick was arrested and sentenced to one year in jail. Although a multitude of other hackers were brought to justice, many continued to operate, including one who successfully pilfered $70 million from the First National Bank of Chicago. Eventually, the Computer Emergency Response Team was established by the U.S. government to research the increasing number of computer security breaches.

Along with growth in hacking activity came the spread of computer viruses. Three of the most well known viruses—Cascade, Friday the 13th, and Stoned—all originated in 1987. When computer companies like IBM Corp. and Symantec Corp. began researching ways to detect and remove viruses from computers, as well as ways to prevent infection in the first place, virus writers began developing more elusive viruses. By 1991, more than 1,000 viruses had been discovered by computer security experts.

Computer security gaps were exposed at many major corporations and governmental bodies—including AT&T Corp., Griffith Air Force Base, NASA, and the Korean Atomic Research Institute—during the early 1990s. For example, an attack on AT&T's network caused the firm's long-distance service to temporarily shut down. During 1995, computers at the U.S. Department of Defense were attacked roughly 250,000 times. A study conducted by the Computer Security Institute that year determined that one in every five Web sites had been hacked. Also that year, Mitnick was arrested for computer fraud and once again sentenced to serve jail time. His offense that time included stealing software, product plans, and data from Motorola Inc., Sun Microsystems Inc., NEC Corp., and Novell Inc., costing the firms a combined total of nearly $80 million. Later in the 1990s, the Web sites of several federal agencies, including the U.S. Department of Justice, the U.S. Air Force, NASA, and the CIA, were defaced by hackers. In addition, the U.S. Bureau of Labor Statistics received a deluge of bogus requests for information. In 1998, the U.S. Department of Justice created the National Infrastructure Protection Center, charging it with the task of safeguarding domestic technology, telecommunications, and transportation systems from hackers.

As the amount of commerce handled via the Internet grew, so did the number of malicious attacks. Hacking in 2000 increased 79 percent over 1999 figures, according to a report released by the FBI's Computer Emergency Response Team (CERT). Even leading Web sites such as Yahoo!, America Online, eBay, and Amazon.com were exposed as vulnerable, costing the firms millions of dollars and undermining the already tenuous confidence online shoppers had in the security levels of these sites. Eventually, one of the key perpetrators in many of these attacks, a 16-year-old Canadian boy operating under the name Mafiaboy, was arrested, and authorities discovered he also had broken into the computer networks at Harvard and Yale Universities. While on parole, Mafiaboy was prohibited from using the Internet or shopping at stores that sold computers; only when supervised by a teacher at school could he use a computer.

11
History & Latest Cyber crime / Going global: worldwide attacks
« on: July 09, 2015, 09:00:11 PM »
When the mid-1990s hit, viruses went international as the first Microsoft Word-based virus using macro commands spread all over the world. In 1998, hackers took control of more than 500 government, military, and private computer systems with the “Solar Sunrise” attacks. Two years later, other hackers were able to crash Amazon, Yahoo and eBay’s websites. In 2001, the Code Red worm ended up causing $2 billion in damage by infecting Microsoft Windows NT and Windows 2000 server software. The large-scale attacks continued into 2006, when anywhere from 469,000 to one million computers were infected with the Nyxem virus.

12
History & Latest Cyber crime / The rise of worms and viruses
« on: July 09, 2015, 08:58:07 PM »
By 1979, computer threats took on another form. In that year, the researchers created the first computer worm. Originally intended to help computers, the bug was modified by hackers so it would destroy and alter data. Just a few years later, computer viruses were created. By 1988, damage became widespread as a worm disabled around 6,000 computers connected to the Advanced Research Projects Agency Network. And by 1990, the first self-modifying viruses were created.

13
One of the first recorded computer security threats actually didn’t come from a human. In 1945, Rear Admiral Grace Murray Hopper found a moth among the relays of a Navy computer and called it a “bug.” From this, the term “debugging” was born. It wasn’t until the 1960s that humans started exploiting networks. From 1964 to 1970, AT&T caught hundreds of people obtaining free phone calls through the use of tone-producing “blue boxes.” Later in the 1970s, John Draper found another way to make free phone calls by using a blue box and plastic toy whistle that came in Cap’n Crunch cereal boxes. The two items combined to replicate a tone unlocking AT&T’s phone network.

14
Security Organizations / ISACA - Dhaka Chapter Leaders
« on: July 08, 2015, 01:52:50 AM »
All Chapter Leaders

 
Mr. A.K.M. Nazrul Haider
President
University of Health Sciences

Dr. Ijazul Haque, CRISC
Vice President

Mr. Omar Farooq Khandaker, CISA,CISM
Secretary & GRA Coordinator

Mr. Nanda Dulal Saha
Joint Secretary

Mr. Shahinur Rahman, CISA
Treasurer

Muhammad Mahmud Hasan, CISA,CRISC
Joint Treasurer & Webmaster

Mr. Biprajit Saha, CISA
Director of Membership

Mr. Muhammad Abul Kalam Azad, CISA
Director of CRISC Certification

Mr. Zahirul Kium, CISA
Director of CGEIT Certification
Flora Limited

Mr. Sk Mahamudul Hoque
Director of Marketing
DFID Bangladesh

Mrs. Farzana Mithun, CISA
Director of Academic Relations

Mr. Md. Mahfuz Ashraf
Director of Communication

Mr. Md Mahbubul Alam, CISA
Director at Large

Mr. Mohammad Arfe Elahi, CISA
Director of IT Governance

Mr. Ali Ashfaq
Immediate Past President
http://www.isaca.org/membership/local-chapter-information/pages/chapteroverview.aspx?chapterid=207

15
Security Organizations / Dhaka Chapter Benefits - ISACA
« on: July 08, 2015, 01:50:43 AM »
Connecting exceptional people with exceptional knowledge to provide our members with a robust offering of benefits


ISACA positions you to succeed and thrive in your career. The Association is a resource you can draw upon to enhance your skills, expand your professional connections and experience a vibrant local and global community of colleagues.


Key ISACA Membership Benefits
Explore ISACA's wide range of member programs, educational opportunities, authoritative publications, and discounted products.

Professional Development

ISACA eLibrary—A comprehensive collection of nearly all ISACA/ITGI published books and over 350 additional titles
Free CPE—ISACA certified members can earn over 60 FREE CPEs per year.
CISA, CISM, CGEIT and CRISC certification—Member discounts for exam study aids, registration and maintenance
Conferences and Training—Member discounts on more than 25 ISACA events annually
Webcasts and e-Symposia—Members obtain up to 3 free CPE hours monthly!
Local (Chapter-level) Education—Access to affordable CPE programs and information exchange through regular chapter meetings and events
Bookstore —Member discounts on ISACA publications and research
Career Centre Enhancements—Access more jobs, including those posted on other job boards, more robust tools for job seekers and, coming soon—a free job board for freelancers.
Access My ISACA to update your profile and CPE hours.
Research and Knowledge

ISACA Journal —The bimonthly technical journal, and an additional source of free CPE hours
@ISACA—A biweekly newsletter, conveniently delivering ISACA and professional news electronically
COBIT Online—Discounted subscription and complimentary baseline functionality
COBIT Quickstart—Complimentary member download - $55 value
Downloads—Members-only research discounts or preferred access to COBIT 4.1, Risk IT: Based on COBIT, Val IT and many other publications from ITGI
Knowledge Center—Exclusive access to one convenient online location where members can access professional knowledge. Network, learn and exchange ideas globally with peers through communities, shared interest groups, discussions and document sharing. Get a holistic view into all ISACA resources.
Standards—Easy access to ISACA's IS Auditing Standards, Guidelines and Procedures
Audit Programs and Internal Control Questionnaires (ICQs)—Guidance tools for best practices
Research Opportunities—Support the work of the IT Governance Institute in developing products for IT governance control, assurance and security professionals
Community and Leadership

Join a Discussion Forum on professional topics including Sarbanes-Oxley, IT governance, COBIT and information security management.
Leadership Opportunities—Serve on ISACA boards and committees, help author or review ISACA research publications, write certification exam questions or become a local chapter leader.
Local Chapters—Get involved with your local ISACA chapters, giving you access to affordable CPE programs and information exchange in your local area.

Link: http://www.isaca.org/chapters1/Dhaka/benefits/Pages/default.aspx
