STUDY OF THE EFFICIENCY OF THE SOFTWARE SECURITY IMPROVING METHOD AND SUBSTANTIATION OF PRACTICAL RECOMMENDATIONS FOR ITS USE
DOI: https://doi.org/10.30837/ITSSI.2022.19.055
Keywords: software safety; efficiency evaluation; reliability of mathematical modeling results; practical recommendations
Abstract
The subject of research in the article is a way of evaluating the effectiveness of a method for improving software security. The aim of the article is to study the effectiveness of the software security improving method and to substantiate practical recommendations for its use. Tasks to be solved: analysis of methods for describing the software security testing process and evaluating its effectiveness; development of a scheme and method for evaluating the effectiveness of a method for improving software security; development of a simulation model of the software security testing process; study of the effectiveness of the method for improving software security; investigation and substantiation of the reliability of the results obtained; development of practical recommendations for using the method. Applied methods: system analysis, project approach, heuristic methods of decision making, process models. Results obtained: analysis of the ways of describing the software security testing process and evaluating its effectiveness showed that many factors can be taken into account by using the method of dynamics of averages. A way of evaluating the effectiveness of a method for improving software security has been developed; it differs from known ones in that it takes into account the scaling factor of the software development process through the introduction of security testing specialists. With the help of the improved method, the hypothesis was proved that the developed method increases the efficiency of the security process by reducing the relative damage indicator at all stages of the software life cycle, depending on the possible duration of a cyber-intrusion. The reliability of the mathematical modeling results has been substantiated. A number of practical recommendations on the use of the method for improving software security are given, and some shortcomings are highlighted, which lead to the conclusion that further research is possible.
License
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Our journal abides by the Creative Commons copyright rights and permissions for open access journals.
Authors who publish with this journal agree to the following terms:
Authors hold the copyright without restrictions and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License (CC BY-NC-SA 4.0) that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
Authors are able to enter into separate, additional contractual arrangements for the non-commercial and non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
Authors are permitted and encouraged to post their published work online (e.g., in institutional repositories or on their website) as it can lead to productive exchanges, as well as earlier and greater citation of published work.