Natural Language Processing for Software Engineering
Description
Discover how Natural Language Processing for Software Engineering can transform your understanding of agile development, equipping you with essential tools and insights to enhance software quality and responsiveness in today's rapidly changing technological landscape.
Agile development enhances business responsiveness through continuous software delivery, emphasizing iterative methodologies that produce incremental, usable software. Working software is the main measure of progress, and ongoing customer collaboration is essential. Approaches like Scrum, eXtreme Programming (XP), and Crystal share these principles but differ in focus: Scrum reduces documentation, XP improves software quality and adaptability to changing requirements, and Crystal emphasizes people and interactions while retaining key artifacts. Modifying software systems designed with Object-Oriented Analysis and Design can be costly and time-consuming in rapidly changing environments requiring frequent updates. This book explores how natural language processing can enhance agile methodologies, particularly in requirements engineering. It introduces tools that help developers create, organize, and update documentation throughout the agile project process.
More details
Other editions
Additional editions
Persons
Rajesh Kumar Chakrawarti, PhD, is a dean and professor in the Department of Computer Science and Engineering at Sushila Devi Bansal College, Bansal Group of Institutions, India. He has over 20 years of professional experience in academia and industry. Additionally, he has organized and attended over 200 seminars, workshops, and conferences and has published over 100 research papers and book chapters in nationally and internationally revered publications.
Ranjana Sikarwar is currently pursuing a PhD from Amity University, Gwalior. She completed her Bachelor of Engineering in 2006 and Master of Technology in Computer Science and Engineering in 2015. Her research interests include social network analysis, graph mining, machine learning, Internet of Things, and deep learning.
Sanjaya Kumar Sarangi, PhD, is an adjunct professor and coordinator at Utkal University with over 23 years of experience in the academic, research, and industry sectors. He has a number of publications in journals and conferences, has authored many textbooks and book chapters, and has more than 30 national and international patents. He is an active member and life member of many associations, as well as an editor, technical program committee member, and reviewer in reputed journals and conferences. He has dedicated his career to advancing information and communication technology to enhance and optimize worldwide research and information dissemination, leading to improved student learning and teaching methods.
Samson Arun Raj Albert Raj, PhD, is an assistant professor and placement coordinator in the Division of Computer Science and Engineering, School of Computer Science and Technology, Karunya Institute of Technology and Sciences, Tamil Nadu, India. His research is focused on smart city development using drone networks and energy grids with various applications, and his areas of expertise include wireless sensor networks, vehicular ad-hoc networks, and intelligent transportation systems.
Shweta Gupta is an assistant professor in the Computer Science and Engineering Department at Medicaps University, Indore (M.P.), India. She focuses on natural language processing, data mining, and machine learning. She aims to close the knowledge gap between theory and real-world applications in the tech sector through her passion for research and teaching. Her approach centers on encouraging creativity and motivating students to strive for technological excellence.
Krishnan Sakthidasan Sankaran, PhD, is a professor in the Department of Electronics and Communication Engineering at Hindustan Institute of Technology and Science, India. He has been a senior member of the Institute of Electrical and Electronics Engineers for the past ten years and has published more than 70 papers in refereed journals and international conferences. He has also published three books to his credit. His research interests include image processing, wireless networks, cloud computing, and antenna design.
Romil Rawat has attended several research programs and received research grants from the United States, Germany, Italy, and the United Kingdom. He has chaired international conferences and hosted several research events, in addition to publishing several research patents. His research interests include cybersecurity, Internet of Things, dark web crime analysis and investigation techniques, and working towards tracing illicit anonymous contents of cyber terrorism and criminal activities.
Content
Preface xvii
1 Machine Learning and Artificial Intelligence for Detecting Cyber Security Threats in IoT Environmment 1
Ravindra Bhardwaj, Sreenivasulu Gogula, Bidisha Bhabani, K. Kanagalakshmi, Aparajita Mukherjee and D. Vetrithangam
1.1 Introduction 2
1.2 Need of Vulnerability Identification 4
1.3 Vulnerabilities in IoT Web Applications 5
1.4 Intrusion Detection System 7
1.5 Machine Learning in Intrusion Detection System 10
1.6 Conclusion 12
References 12
2 Frequent Pattern Mining Using Artificial Intelligence and Machine Learning 15
R. Deepika, Sreenivasulu Gogula, K. Kanagalakshmi, Anshu Mehta, S. J. Vivekanandan and D. Vetrithangam
2.1 Introduction 16
2.2 Data Mining Functions 17
2.3 Related Work 19
2.4 Machine Learning for Frequent Pattern Mining 24
2.5 Conclusion 26
References 26
3 Classification and Detection of Prostate Cancer Using Machine Learning Techniques 29
D. Vetrithangam, Pramod Kumar, Shaik Munawar, Rituparna Biswas, Deependra Pandey and Amar Choudhary
3.1 Introduction 30
3.2 Literature Survey 32
3.3 Machine Learning for Prostate Cancer Classification and Detection 35
3.4 Conclusion 37
References 38
4 NLP-Based Spellchecker and Grammar Checker for Indic Languages 43
Brijesh Kumar Y. Panchal and Apurva Shah
4.1 Introduction 44
4.2 NLP-Based Techniques of Spellcheckers and Grammar Checkers 44
4.2.1 Syntax-Based 44
4.2.2 Statistics-Based 45
4.2.3 Rule-Based 45
4.2.4 Deep Learning-Based 45
4.2.5 Machine Learning-Based 46
4.2.6 Reinforcement Learning-Based 46
4.3 Grammar Checker Related Work 47
4.4 Spellchecker Related Work 58
4.5 Conclusion 66
References 67
5 Identification of Gujarati Ghazal Chanda with Cross-Platform Application 71
Brijeshkumar Y. Panchal
Abbreviations 72
5.1 Introduction 72
5.1.1 The Gujarati Language 72
5.2 Ghazal 75
5.3 History and Grammar of Ghazal 77
5.4 Literature Review 78
5.5 Proposed System 85
5.6 Conclusion 92
References 92
6 Cancer Classification and Detection Using Machine Learning Techniques 95
Syed Jahangir Badashah, Afaque Alam, Malik Jawarneh, Tejashree Tejpal Moharekar, Venkatesan Hariram, Galiveeti Poornima and Ashish Jain
6.1 Introduction 96
6.2 Machine Learning Techniques 97
6.3 Review of Machine Learning for Cancer Detection 101
6.4 Methods 103
6.5 Result Analysis 106
6.6 Conclusion 107
References 108
7 Text Mining Techniques and Natural Language Processing 113
Tzu-Chia Chen
7.1 Introduction 113
7.2 Text Classification and Text Clustering 115
7.3 Related Work 116
7.4 Methodology 121
7.5 Conclusion 123
References 123
8 An Investigation of Techniques to Encounter Security Issues Related to Mobile Applications 127
Devabalan Pounraj, Pankaj Goel, Meenakshi, Domenic T. Sanchez, Parashuram Shankar Vadar, Rafael D. Sanchez and Malik Jawarneh
8.1 Introduction 128
8.2 Literature Review 130
8.3 Results and Discussions 137
8.4 Conclusion 138
References 139
9 Machine Learning for Sentiment Analysis Using Social Media Scrapped Data 143
Galiveeti Poornima, Meenakshi, Malik Jawarneh, A. Shobana, K.P. Yuvaraj, Urmila R. Pol and Tejashree Tejpal Moharekar
9.1 Introduction 144
9.2 Twitter Sentiment Analysis 146
9.3 Sentiment Analysis Using Machine Learning Techniques 149
9.4 Conclusion 152
References 152
10 Opinion Mining Using Classification Techniques on Electronic Media Data 155
Meenakshi
10.1 Introduction 156
10.2 Opinion Mining 158
10.3 Related Work 159
10.4 Opinion Mining Techniques 161
10.4.1 Naïve Bayes 162
10.4.2 Support Vector Machine 162
10.4.3 Decision Tree 163
10.4.4 Multiple Linear Regression 163
10.4.5 Multilayer Perceptron 164
10.4.6 Convolutional Neural Network 164
10.4.7 Long Short-Term Memory 165
10.5 Conclusion 166
References 166
11 Spam Content Filtering in Online Social Networks 169
Meenakshi
11.1 Introduction 169
11.1.1 E-Mail Spam 170
11.2 E-Mail Spam Identification Methods 171
11.2.1 Content-Based Spam Identification Method 171
11.2.2 Identity-Based Spam Identification Method 172
11.3 Online Social Network Spam 172
11.4 Related Work 173
11.5 Challenges in the Spam Message Identification 177
11.6 Spam Classification with SVM Filter 178
11.7 Conclusion 179
References 180
12 An Investigation of Various Techniques to Improve Cyber Security 183
Shoaib Mohammad, Ramendra Pratap Singh, Rajiv Kumar, Kshitij Kumar Rai, Arti Sharma and Saloni Rathore
12.1 Introduction 184
12.2 Various Attacks 185
12.3 Methods 189
12.4 Conclusion 190
References 191
13 Brain Tumor Classification and Detection Using Machine Learning by Analyzing MRI Images 193
Chandrima Sinha Roy, K. Parvathavarthini, M. Gomathi, Mrunal Pravinkumar Fatangare, D. Kishore and Anilkumar Suthar
13.1 Introduction 194
13.2 Literature Survey 197
13.3 Methods 200
13.4 Result Analysis 202
13.5 Conclusion 203
References 203
14 Optimized Machine Learning Techniques for Software Fault Prediction 207
Chetan Shelke, Ashwini Mandale (Jadhav), Shaik Anjimoon, Asha V., Ginni Nijhawan and Joshuva Arockia Dhanraj
14.1 Introduction 208
14.2 Literature Survey 211
14.3 Methods 214
14.4 Result Analysis 216
14.5 Conclusion 216
References 217
15 Pancreatic Cancer Detection Using Machine Learning and Image Processing 221
Shashidhar Sonnad, Rejwan Bin Sulaiman, Amer Kareem, S. Shalini, D. Kishore and Jayasankar Narayanan
15.1 Introduction 222
15.2 Literature Survey 225
15.3 Methodology 227
15.4 Result Analysis 228
15.5 Conclusion 228
References 229
16 An Investigation of Various Text Mining Techniques 233
Rajashree Gadhave, Anita Chaudhari, B. Ramesh, Vijilius Helena Raj, H. Pal Thethi and A. Ravitheja
16.1 Introduction 234
16.2 Related Work 236
16.3 Classification Techniques for Text Mining 240
16.3.1 Machine Learning Based Text Classification 240
16.3.2 Ontology-Based Text Classification 241
16.3.3 Hybrid Approaches 241
16.4 Conclusion 241
References 241
17 Automated Query Processing Using Natural Language Processing 245
Divyanshu Sinha, G. Ravivarman, B. Rajalakshmi, V. Alekhya, Rajeev Sobti and R. Udhayakumar
17.1 Introduction 246
17.1.1 Natural Language Processing 246
17.2 The Challenges of NLP 248
17.3 Related Work 249
17.4 Natural Language Interfaces Systems 253
17.5 Conclusion 255
References 256
18 Data Mining Techniques for Web Usage Mining 259
Navdeep Kumar Chopra, Chinnem Rama Mohan, Snehal Dipak Chaudhary, Manisha Kasar, Trupti Suryawanshi and Shikha Dubey
18.1 Introduction 260
18.1.1 Web Usage Mining 260
18.2 Web Mining 263
18.2.1 Web Content Mining 264
18.2.2 Web Structure Mining 264
18.2.3 Web Usage Mining 265
18.2.3.1 Preprocessing 265
18.2.3.2 Pattern Discovery 265
18.2.3.3 Pattern Analysis 266
18.3 Web Usage Data Mining Techniques 266
18.4 Conclusion 268
References 269
19 Natural Language Processing Using Soft Computing 271
M. Rajkumar, Viswanathasarma Ch, Anandhi R. J., D. Anandhasilambarasan, Om Prakash Yadav and Joshuva Arockia Dhanraj
19.1 Introduction 272
19.2 Related Work 273
19.3 NLP Soft Computing Approaches 276
19.4 Conclusion 279
References 279
20 Sentiment Analysis Using Natural Language Processing 283
Brijesh Goswami, Nidhi Bhavsar, Soleman Awad Alzobidy, B. Lavanya, R. Udhayakumar and Rajapandian K.
20.1 Introduction 284
20.2 Sentiment Analysis Levels 285
20.2.1 Document Level 285
20.2.2 Sentence Level 285
20.2.3 Aspect Level 286
20.3 Challenges in Sentiment Analysis 286
20.4 Related Work 288
20.5 Machine Learning Techniques for Sentiment Analysis 290
20.6 Conclusion 292
References 292
21 Web Data Mining: Exploring Hyperlinks, Contents, and Usage Data 295
C. V. Guru Rao, Nagendra Prasad Krishnam, Akula Rajitha, Anandhi R. J., Atul Singla and Joshuva Arockia Dhanraj
21.1 Introduction 296
21.2 Web Mining 298
21.3 Taxonomy of Web Data Mining 299
21.3.1 Web Usage Mining 300
21.3.2 Web Structure Mining 301
21.3.3 Web Content Mining 301
21.4 Web Content Mining Methods 302
21.4.1 Unstructured Text Data Mining 302
21.4.2 Structured Data Mining 303
21.4.3 Semi-Structured Data Mining 303
21.5 Efficient Algorithms for Web Data Extraction 304
21.6 Machine Learning Based Web Content Extraction Methods 305
21.7 Conclusion 307
References 307
22 Intelligent Pattern Discovery Using Web Data Mining 311
Vidyapati Jha, Chinnem Rama Mohan, T. Sampath Kumar, Anandhi R.J., Bhimasen Moharana and P. Pavankumar
22.1 Introduction 312
22.2 Pattern Discovery from Web Server Logs 313
22.2.1 Subsequently Accessed Interesting Page Categories 314
22.2.2 Subsequent Probable Page of Visit 314
22.2.3 Strongly and Weakly Linked Web Pages 314
22.2.4 User Groups 315
22.2.5 Fraudulent and Genuine Sessions 315
22.2.6 Web Traffic Behavior 315
22.2.7 Purchase Preference of Customers 315
22.3 Data Mining Techniques for Web Server Log Analysis 316
22.4 Graph Theory Techniques for Analysis of Web Server Logs 318
22.5 Conclusion 319
References 320
23 A Review of Security Features in Prominent Cloud Service Providers 323
Abhishek Mishra, Abhishek Sharma, Rajat Bhardwaj, Romil Rawat, T.M.Thiyagu and Hitesh Rawat
23.1 Introduction 324
23.2 Cloud Computing Overview 324
23.3 Cloud Computing Model 326
23.4 Challenges with Cloud Security and Potential Solutions 327
23.5 Comparative Analysis 332
23.6 Conclusion 332
References 332
24 Prioritization of Security Vulnerabilities under Cloud Infrastructure Using AHP 335
Abhishek Sharma and Umesh Kumar Singh
24.1 Introduction 336
24.2 Related Work 338
24.3 Proposed Method 341
24.4 Result and Discussion 346
24.5 Conclusion 352
References 352
25 Cloud Computing Security Through Detection & Mitigation of Zero-Day Attack Using Machine Learning Techniques 357
Abhishek Sharma and Umesh Kumar Singh
25.1 Introduction 358
25.2 Related Work 360
25.2.1 Analysis of Zero-Day Exploits and Traditional Methods 364
25.3 Proposed Methodology 367
25.4 Results and Discussion 376
25.4.1 Prevention & Mitigation of Zero Day Attacks (ZDAs) 381
25.5 Conclusion and Future Work 383
References 384
26 Predicting Rumors Spread Using Textual and Social Context in Propagation Graph with Graph Neural Network 389
Siddharath Kumar Arjaria, Hardik Sachan, Satyam Dubey, Ayush Pandey, Mansi Gautam, Nikita Gupta and Abhishek Singh Rathore
26.1 Introduction 390
26.2 Literature Review 391
26.3 Proposed Methodology 393
26.3.1 Tweep Tendency Encoding 394
26.3.2 Network Dynamics Extraction 395
26.3.3 Extracted Information Integration 396
26.4 Results and Discussion 398
26.5 Conclusion 399
References 400
27 Implications, Opportunities, and Challenges of Blockchain in Natural Language Processing 403
Neha Agrawal, Balwinder Kaur Dhaliwal, Shilpa Sharma, Neha Yadav and Ranjana Sikarwar
27.1 Introduction 404
27.2 Related Work 406
27.3 Overview on Blockchain Technology and NLP 409
27.3.1 Blockchain Technology, Features, and Applications 409
27.3.2 Natural Language Processing 410
27.3.3 Challenges in NLP 411
27.3.4 Data Integration and Accuracy in NLP 411
27.4 Integration of Blockchain into NLP 412
27.5 Applications of Blockchain in NLP 414
27.6 Blockchain Solutions for NLP 417
27.7 Implications of Blockchain Development Solutions in NLP 418
27.8 Sectors That can be Benified from Blockchain and NLP Integration 419
27.9 Challenges 420
27.10 Conclusion 422
References 422
28 Emotion Detection Using Natural Language Processing by Text Classification 425
Jyoti Jayal, Vijay Kumar, Paramita Sarkar and Sudipta Kumar Dutta
28.1 Introduction 426
28.2 Natural Language Processing 427
28.3 Emotion Recognition 429
28.4 Related Work 430
28.4.1 Emotion Detection Using Machine Learning 430
28.4.2 Emotion Detection Using Deep Learning 432
28.4.3 Emotion Detection Using Ensemble Learning 435
28.5 Machine Learning Techniques for Emotion Detection 437
28.6 Conclusion 439
References 439
29 Alzheimer Disease Detection Using Machine Learning Techniques 443
M. Prabavathy, Paramita Sarkar, Abhrendu Bhattacharya and Anil Kumar Behera
29.1 Introduction 444
29.2 Machine Learning Techniques to Detect Alzheimer's Disease 445
29.3 Pre-Processing Techniques for Alzheimer's Disease Detection 446
29.4 Feature Extraction Techniques for Alzheimer's Disease Detection 448
29.5 Feature Selection Techniques for Diagnosis of Alzheimer's Disease 449
29.6 Machine Learning Models Used for Alzheimer's Disease Detection 451
29.7 Conclusion 453
References 454
30 Netnographic Literature Review and Research Methodology for Maritime Business and Potential Cyber Threats 457
Hitesh Rawat, Anjali Rawat and Romil Rawat
30.1 Introduction 458
30.2 Criminal Flows Framework 460
30.3 Oceanic Crime Exchange and Categorization 462
30.4 Fisheries Crimes and Mobility Crimes 469
30.5 Conclusion 470
30.6 Discussion 470
References 470
31 Review of Research Methodology and IT for Business and Threat Management 475
Hitesh Rawat, Anjali Rawat, Sunday Adeola Ajagbe and Yagyanath Rimal
Abbreviation Used 476
31.1 Introduction 477
31.2 Conclusion 484
References 485
About the Editors 487
Index 489
1
Machine Learning and Artificial Intelligence for Detecting Cyber Security Threats in IoT Environmment
Ravindra Bhardwaj1*, Sreenivasulu Gogula2, Bidisha Bhabani3, K. Kanagalakshmi4, Aparajita Mukherjee5 and D. Vetrithangam6
1Deparment of Physics and Computer Science, Dayalbagh Educational Institute (Deemed to be University), Agra, Uttar Pradesh, India
2Department of CSE (Data Science), Vardhaman College of Engineering, Shamshabad, Hyderabad, India
3Department of Computer Science and Engineering, University of Engineering and Management (UEM), New Town, West Bengal, India
4Department of Computer Applications, SRM Institute of Science and Technology (Deemed to be University), Trichy, India
5Department of Computer Science and Engineering, Institute of Engineering and Management, University of Engineering and Management (UEM), New Town, Kolkata, West Bengal, India
6Department of Computer Science & Engineering University, Institute of Engineering, Chandigarh University, Mohali, Punjab, India
Abstract
The Internet of Things (IoT) refers to the increasing connectivity of many human-made entities, such as healthcare systems, smart homes, and smart grids, through the internet. Currently, a vast amount of material and expertise has been widely spread. These networks give rise to several security threats and privacy concerns. Intrusions refer to malevolent and unlawful actions that cause harm to the network. IoT networks are susceptible to a diverse range of security issues due to their widespread presence. Cyber attacks on the IoT architecture can lead to the loss of information or data, as well as the sluggishness of IoT devices. For the past twenty years, an Intrusion Detection System has been utilized to ensure the security of data and networks. Conventional intrusion detection technologies are ineffective in detecting security breaches in the Internet of Things (IoT) because of the distinct standards and protocol stacks used in its network. Regularly analyzing the vast amount of data created by IoT is a tough task due to its endless nature. An intrusion detection system (IDS) is employed to safeguard a system or network against unauthorized access by actively monitoring and identifying any potentially malicious or suspicious activities. Machine learning technologies provide robust and efficient approaches for mitigating these distinct hazards. The establishment of a robust machine learning system is the key to acquiring networks that are free from any form of threats.
Keywords: Machine learning, Internet of Things, security, privacy, attacks, vulnerability, intrusions
1.1 Introduction
The use of connected devices made ordinary chores easier and more efficient. They also provide a lot of information that is of great use. Connected automobiles, for example, may be able to take use of services that provide driver assistance. Medical devices give detailed patient records. The unfortunate reality is that a digital assault is possible on any device that is capable of establishing a connection to the internet. In worst case, many of these devices are missing even the most basic safety safeguards. According to the authors of the report, almost all of the data flow associated with the internet of things (98%) is not secured. This information may be obtained by anybody with little effort. To repeat, devices that are connected to the Internet of Things provide fraudsters with an easy target. Not only might their information be stolen, but perhaps other sensitive data as well. Using one of these devices is a frequent strategy used by hackers to gain access to a company's internal network. The sheer number of these devices and the settings they control may be enough to pique the interest of a cyber-attacker [1] as given in Figure 1.1: Increasing Number of DDOS Attacks [Source: Cisco Annual Internet Report 2018-2023] and in Figure 1.2: Threats to Internet of Things.
In a smart environment, any number of items, including databases of user credentials, electronic sensors, CCTV installations, access controls, personal electronic devices, recorded biometrics, and so on, might be the target of an attack. It is essential to protect the confidentiality, integrity, availability, authentication, and authorization features of the IoT architecture from a security point of view [2]. DDoS attacks are becoming more common, and Cisco's Annual Internet Report (2018-2023) White Paper forecasts that the total number of DDoS attacks would more than double from the 7.9 million that were seen in 2018 to anywhere over 15 million by 2023 as shown in Figure 1.1.
Figure 1.1 Increasing number of DDOS attacks [Source: Cisco Annual Internet Report 2018-2023].
Figure 1.2 Threats to Internet of Things.
According to the survey, 57% of IoT devices that are connected via this insecure traffic are susceptible to medium- to high-severity attacks, making them an easy target for cybercriminals [3]. In addition, the survey found that 41% of attacks target IoT vulnerabilities by scanning them against publicly available databases of known security flaws. The analysis is shown in Figure 1.2.
According to the Internet of Things Threat Report published by Palo Alto Networks in March 2020, 98% of all traffic from IoT devices is unencrypted, giving attackers a chance to eavesdrop. This network contains sensitive and private information that is easily accessible to attackers, who may then sell the information on the dark web for a profit.
1.2 Need of Vulnerability Identification
Vulnerabilities in IoT network are increasing every year. As shown in Figure 1.3, IoT environment is experiencing, a large number of new vulnerabilities every year. All the Internet of Things applications-smart city, smart farming, smart healthcare, smart transportation, and smart traffic-are experiencing new vulnerabilities and increasing number of attacks every year. Also, vulnerabilities and attacks are increasing every year. Number of vulnerabilities has increased threefold in the last decade and twofold in last five years as represented in Figure 1.3: Number of New Vulnerabilities Identified in IOT [Source- IBM X-Force Threat Intelligence Index 2022].
Figure 1.3 Number of new vulnerabilities identified in IoT [Source- IBM X-Force Threat Intelligence Index 2022].
The process of determining how vulnerable a system is to attack is referred to as a vulnerability scan. This kind of scan is carried out to identify potential entry points into a computer or network so that appropriate preventative measures may be taken. Automated scanning methods check applications to see if they have any security problems to establish whether or not there are vulnerabilities in an organization's internal network. Users are spared the time and effort required to carry out hundreds or even thousands of manual tests for each kind of vulnerability since vulnerability scanners automate the process of searching for security issues in a system.
To maintain the integrity of the system's protections, it is essential to assign vulnerabilities a severity ranking before putting into action any remedial procedures. Common Vulnerability Scoring System (CVSS) is a tool that administrators may use to prioritize security problems according to the severity level associated with each fault. The CVSS score of vulnerability is a standard metric that is not developed for unique network architecture. Despite the fact that the frequency and impact of vulnerabilities affect the security risk level of a specific network, the CVSS score of vulnerability is a standard metric. In addition to the severity score, a number of other factors also affect the level of security risk that is posed by the organization's underlying infrastructure. These factors include the age and frequency of vulnerabilities already present in the system, as well as the impact that exploiting vulnerability has on the system. For this reason, it is advised that, when doing risk level calculations, these components, together with the CVSS severity score, be used. This will allow for effective network security risk management.
1.3 Vulnerabilities in IoT Web Applications
The authors of [4] provide a code inspection-based strategy. To identify a number of mistakes hidden inside the process, this method makes use of code inspection. It is said that the offered approach may be used to locate each and every vulnerability in the NVD. Using this classifier might assist in more accurately identifying potential security flaws.
In addition, a web crawler was developed by Guojun and his colleagues [5]. This web spider collects papers that are connected to one another. The TF-IDF is essential to the methodology. Medeiros et al. [6] were the ones who first proposed the approach for evaluating the quality of the code. The concepts that underlie data mining are built on this methodology, which acts as the basis for those concepts. New techniques for identifying web server vulnerabilities were developed by [7].
Authors [8] have developed an innovative method for locating vulnerabilities in web applications. In addition to this, static analysis and data mining directly from the source code are used. Researchers [9] came to the conclusion that XML injection is a critical issue that exists in all web applications. The vast majority of recently published web...
