Work place: Department of Information Technology, Babasaheb Bhimrao Ambedkar University, Lucknow, 226025, Uttar Pradesh, India
E-mail: khanraees@yahoo.com
Website:
Research Interests: Software, Software Construction, Software Development Process, Software Engineering, Application Security, Hardware Security, Information Security, Network Security
Biography
Prof. Raees Ahmad Khan (Member, IEEE, ACM, CSI etc.) is currently working as a Professor & the Head of the Department in the Department of Information Technology, Dean of School for Information Science & Technology, Babasaheb Bhimrao Ambedkar University, (A Central University), VidyaVihar, Raibareli Road, Lucknow, India. Prof. Khan has more than 20 years of teaching & research experience and he has more than 300 research publications to his credit with good impact factors in reputed International Journals and Conferences including IEEE, Springer, Elsevier, Inderscience, Hindawi, and IGI Global, etc. He also has authored and edited a number of National and International Books in English and Chinese Language. His research interests are in different areas of Security Engineering and Computational Techniques.
By Masood Ahmad Mohd Nadeem Raees Ahmad Khan
DOI: https://doi.org/10.5815/ijwmt.2024.01.01, Pub. Date: 8 Feb. 2024
The increasing use of healthcare devices and their communication networks has raised concerns about the security of patient information and the potential for cyber-attacks. In this study, we propose a machine learning approach for classifying security vulnerabilities in healthcare device communication networks by using the Machine Learing (ML) Technique. We collected a dataset of healthcare device vulnerabilities and used feature selection and engineering techniques to extract the most relevant features for the classification task. We trained several machine learning algorithms, Snort algorithm, and support vector machines (SVM) and evaluated their performance using various evaluation metrics. The results showed that the SVM and Snort algorithms had an accuracy of 94%, a precision of 95%, a recall of 93%, and an F1-score of 94%. Our approach can help identify and prioritize security vulnerabilities in healthcare device communication networks, which can lead to better security practices and patient safety.
[...] Read more.By Suhel Ahmad Khan Mohd Nadeem Alka Agrawal Raees Ahmad Khan Rajeev Kumar
DOI: https://doi.org/10.5815/ijmecs.2021.06.04, Pub. Date: 8 Dec. 2021
The objective of this research study is to develop secure and multi-functional software or web application with controlled complexity. The demand of software security in different IT sectors is the main focus of the present endeavor. The different design factors and their prioritization are the need and demand of the system. We have selected the case of banking software or application. Security assessment is an integral part of risk management practices which provides an analytical mechanism to control and integrate security features for valuable opinion during the design phase. The designing of secure software and the impact of security factor is adopted and evaluated by the Preference Ranking Organization Method for Enrichment Evaluation (PROMETHEE)-II method. The PROMETHEE-II methodology evaluates the impact of factors with respect to the design alternatives. The current priority is to work on the state-of-the-art security attributes or alternatives of software design. Decision makers are generally responsible for evaluating various responses within their technical or scientific jurisdiction and rank them accordingly. Fuzzy set theories are the most appropriate tools to provide results for modeling qualitative information because of their ability to handle the impreciseness that is common in rating alternatives. The proposed work highlights the effectiveness of fuzzy PROMETHEE-II method in this context. We have enlisted this methodology for comparing software security factors in design perspective by using linguistic variables. The quantitative analysis attempted in our study was highly accurate for evaluating the security attributes and ranking them as per their priority, particularly in the context of banking software design. The study concludes with the advantages of employing the Fuzzy PROMETHEE-II vis-à-vis the other methodologies in analyzing the software security in the context of design.
[...] Read more.By Suhel Ahmad Khan Raees Ahmad Khan
DOI: https://doi.org/10.5815/ijmecs.2015.02.04, Pub. Date: 8 Feb. 2015
The main component of study is to confirm that how developed security model are helpful for security improvement of object oriented designs. Software refactoring is an essential activity during development and maintenance. It promotes the reengineering measures for improving quality and security of software. The researcher made an effort in this regard to develop security improvement guideline using refactoring activities for object oriented deign. The developed guidelines are helpful to control design complexity for improved security. A case study is adopted from refactoring example by fowler to implement the Security Improvement Guidelines (SIG). The developed Security Quantification Model (SQMOODC) is being used to calculate the quantified value of security at each step. The proposed model SQMOODC calculates the effective security index by ensuring that revised version of object oriented design is being influenced through security improvement guidelines. There is some possibility that original code segment may have some security flaws, anomalies and exploitable entities or vulnerable information that may influence security at design stage. SIG is helpful to cease the security flaws, anomalies, exploitable entities into refactored code segment. Each refactored steps of case study match the prediction of the impact for refactoring rules on security and the impact study for security through SQMOODC model legalize the effectiveness of developed model and security improvement guidelines. The validated results of statistical analysis with different case studies of object oriented designs reflect the usefulness and acceptability of developed models and guidelines.
[...] Read more.Subscribe to receive issue release notifications and newsletters from MECS Press journals