Mukesh Kumar Gupta

Static analysis approaches to detect SQL injection and cross site scripting vulnerabilities in web applications: A survey

Dependence on web applications is increasing very rapidly in recent time for social communications, health problem, financial transaction and many other purposes. Unfortunately, presence of security weaknesses in web applications allows malicious users to exploit various security vulnerabilities and become the reason of their failure. Currently, SQL Injection (SQLI) and Cross-Site Scripting (XSS) vulnerabilities are most dangerous security vulnerabilities exploited in various popular web applications i.e. eBay, Google, Facebook, Twitter etc. Research on defensive programming, vulnerability detection and attack prevention techniques has been quite intensive in the past decade. Defensive programming is a set of coding guidelines to develop secure applications. But, mostly developers do not follow security guidelines and repeat same type of programming mistakes in their code. Attack prevention techniques protect the applications from attack during their execution in actual environment. The difficulties associated with accurate detection of SQLI and XSS vulnerabilities in coding phase of software development life cycle. This paper proposes a classification of software security approaches used to develop secure software in various phase of software development life cycle. It also presents a survey of static analysis based approaches to detect SQL Injection and cross-site scripting vulnerabilities in source code of web applications. The aim of these approaches is to identify the weaknesses in source code before their exploitation in actual environment. This paper would help researchers to note down future direction for securing legacy web applications in early phases of software development life cycle.

Predicting Cross-Site Scripting (XSS) security vulnerabilities in web applications

Recently, machine-learning based vulnerability prediction models are gaining popularity in web security space, as these models provide a simple and efficient way to handle web application security issues. Existing state-of-art Cross-Site Scripting (XSS) vulnerability prediction approaches do not consider the context of the user-input in output-statement, which is very important to identify context-sensitive security vulnerabilities. In this paper, we propose a novel feature extraction algorithm to extract basic and context features from the source code of web applications. Our approach uses these features to build various machine-learning models for predicting context-sensitive Cross-Site Scripting (XSS) security vulnerabilities. Experimental results show that the proposed features based prediction models can discriminate vulnerable code from non-vulnerable code at a very low false rate.

XSSDM: Towards detection and mitigation of cross-site scripting vulnerabilities in web applications

With the growth of the Internet, web applications are becoming very popular in the user communities. However, the presence of security vulnerabilities in the source code of these applications is raising cyber crime rate rapidly. It is required to detect and mitigate these vulnerabilities before their exploitation in the execution environment. Recently, Open Web Application Security Project (OWASP) and Common Vulnerabilities and Exposures (CWE) reported Cross-Site Scripting (XSS) as one of the most serious vulnerabilities in the web applications. Though many vulnerability detection approaches have been proposed in the past, existing detection approaches have the limitations in terms of false positive and false negative results. This paper proposes a context-sensitive approach based on static taint analysis and pattern matching techniques to detect and mitigate the XSS vulnerabilities in the source code of web applications. The proposed approach has been implemented in a prototype tool and evaluated on a public data set of 9408 samples. Experimental results show that proposed approach based tool outperforms over existing popular open source tools in the detection of XSS vulnerabilities.

A novel approach to enhance the performance of ring based WDM PON

In this paper, we have analysed a ring-based wavelength-division-multiplexing passive optical network (WDM-PON), which provides fiber-fault protection by using dual ring architecture as well as Rayleigh backscattering (RB) noise mitigation. For protection and restoration against fiber fault, the dual fiber ring is used. Here, we discuss and analyse the characteristics of the downstream signals using 10 Gb/s ON-OFF keying (OOK), 10 Gb/s dicode-coded NRZ. Moreover, we also investigate the upstream traffic using the 2.5Gb/s OOK generated by the reflective semiconductor optical amplifier-based optical network unit. The ring-based WDM-PON with dicode-coded NRZ gives improved bit error rate (BER), hence reach of PON can be increased.

The K-means Clustering Based Fuzzy Edge Detection Technique on MRI Images

Edge detection plays a vital role in medical imaging applications such as MRI segmentation. Magnetic resonance imaging (MRI) is an imaging technique used in medical science to diagnose tumors of the brain by producing high quality images of the inside of the human body, by using various edge detectors. There exists many edge detector but still, need for research is felt in order to enhance their performance. A very common problem faced by most of the edge detector is the choice of threshold values. This paper presents fuzzy based edge detection using K-means clustering method. The K-means clustering approach is used in generating various groups which are then input to the mamdani fuzzy inference system. This whole process results in the generation of the threshold parameter which is then fed to the classical sobel edge detector which helps in enhancing its edge detection capability using the fuzzy logic. This whole setup is applied on the MR images of the human brain. The retrieved results represents that fuzzy based k-means clustering enhances the performance of classical sobel edge detector and along with retaining much relevant information about the tumors of the brain.

Study of the structural phase transformation, and optical behavior of the as synthesized ZnO–SnO2–TiO2 nanocomposite

Bulk nanocomposites ZnO–SnO2–TiO2 were synthesized by solid-state reaction method. The X-ray diffraction patterns and Raman spectra of bulk nanocomposite as a function of sintering temperature (700 °C–1300 °C) indicate that the structural phases of SnO2 and TiO2 depend on the sintering temperature while the ZnO retains its hexagonal wurtzite phase at all sintering temperatures and SnO2 started to transform into SnO at 900 °C and completely converted into SnO at 1100 °C, whereas the titanium dioxide (TiO2) exhibits its most stable phase such as rutile at low sintering temperature (≤900°C) and it transforms partially into brookite phase at high sintering temperature (≥ 900 °C). The optical band gap of nanocomposite ZnO–SnO2–TiO2 sintered at 700 °C, 900 °C, 1100 °C and 1300 °C for 16 hours is calculated using the transformed diffuse reflectance ultra violet visible near infra red (UV–VisNIR) spectra and has been found to be 3.28, 3.29, 3.31 and 3.32 eV, respectively.

Performance Analysis and Optimization of 40 Gbps Transmission System over 4000 km with FBG

In this paper, we analyze the performance of the single channel transmission system for different lengths of fiber using dispersion compensated fiber (DCF) and fiber Bragg grating (FBG). A system with high data rate of 40 Gbps is simulated and analyzed to study effects of factors like dispersion and nonlinearity for different modulation techniques. The analysis is done in terms of bit error rate (BER) and quality factor (Q) for a comparative study of different level coding. The simulation results depict that FBG works as a better dispersion compensator as compared to DCF, also provides improved performance in optical fiber network with symmetrical compensation. The observation results that duo-binary coding schemes depict good performance with FBG (Fiber brag Grating) up to a length of 4000 km.

Analysis and mitigation of Raman cross talk in WDM TDM system using partial response coding and Raman pump

In this work, we analyzed the effects of partial response coding (balance duobinary and dicode coding) in the presence of nonlinear effects. By simulation, we find that the balance duobinary coding is more affected by stimulus Raman scattering (SRS) by an amount of 0.5 dB as compare to dicode coding. So, dicode coding comparatively more tolerance to Raman cross talk in the video Overlay Passive Optical Network (PON). Further in this system 8.3 dB amplification is done by using Raman pump for the data signal to compensate the SRS effect and fiber loss for improving the performance of PON Network.

A context-sensitive approach for precise detection of cross-site scripting vulnerabilities

Currently, dependence on web applications is increasing rapidly for social communication, health services, financial transactions and many other purposes. Unfortunately, the presence of cross-site scripting vulnerabilities in these applications allows malicious user to steals sensitive information, install malware, and performs various malicious operations. Researchers proposed various approaches and developed tools to detect XSS vulnerability from source code of web applications. However, existing approaches and tools are not free from false positive and false negative results. In this paper, we propose a taint analysis and defensive programming based HTML context-sensitive approach for precise detection of XSS vulnerability from source code of PHP web applications. It also provides automatic suggestions to improve the vulnerable source code. Preliminary experiments and results on test subjects show that proposed approach is more efficient than existing ones.

Group Velocity Dispersion tolerant WDM TDM Passive Optical Networks

In the present work, we have analyzed the effects of dicode coding in a passive optical network based on both wavelength and time division multiplexing (WDM-TDM-PON). By numerical analysis, we observed that network using dicode coding is more tolerant to Group Velocity Dispersion (GVD) as compared to traditional Non-return to zero - on-offkeying(NRZOOK) coding. Dispersion degrades the sensitivity of NRZ receiver by 5.5 dB hence limiting the number of users and channel length. With the observations from analysis and results, we suggest the use of Dicode coding to double the number of usersand increase the length of the network by 20percentin respect to NRZ.