Research Interests:
Research Interests:
Research Interests:
Smart building technology incorporates efficient and automated controls and applications that use smart energy products, networked sensors, and data analytics software to monitor environmental data and occupants’ energy consumption habits... more
Smart building technology incorporates efficient and automated controls and applications that use smart energy products, networked sensors, and data analytics software to monitor environmental data and occupants’ energy consumption habits to improve buildings’ operation and energy performance. Smart technologies and controls are becoming increasingly important not only in research and development (R&D) but also in industrial and commercial domains, leading to a steady growth in their application in the building sector. This study examines the literature on SBEMS published between 2010 and 2020 with a systematic approach. It examines the trend with the annual number of the published studies before exploring the classification of publications in terms of factors such as domain of SBEMS, control approaches, smart technologies, and quality attributes. Recent developments around the smart building energy management systems (SBEMS) have focused on features that provide occupants with an i...
Research Interests:
Research Interests:
Research Interests:
Occupancy-driven application research has been active research for a decade that focuses on improving or replacing new building infrastructure to improve building energy efficiency. Existing approaches for HVAC energy saving are putting... more
Occupancy-driven application research has been active research for a decade that focuses on improving or replacing new building infrastructure to improve building energy efficiency. Existing approaches for HVAC energy saving are putting more emphasis on occupancy detection, estimation, and localization to trade-off between energy consumption and thermal comfort satisfaction. In a non-intrusive approach, various sensors, actuators, and analytic data methods are commonly used to process data from occupant surroundings and trigger appropriate action to achieve the task. However, the performance of the non-intrusive approach reported in the literature is relatively poor due to the lack of quality of dataset used in model training and expropriate choice of machine learning model. This study proposed a non-intrusive approach that to improve the collection and quality of dataset using data pre-processing. The study collected a training dataset using various sensors installed in the buildin...
Research Interests:
SQL injection attack (SQLIA) is one of the most severe attacks that can be used against web database driving applications. Attackers use SQLIA to get unauthorized access and perform unauthorized data modification. To combat problem of... more
SQL injection attack (SQLIA) is one of the most severe attacks that can be used against web database driving applications. Attackers use SQLIA to get unauthorized access and perform unauthorized data modification. To combat problem of SQLIA, different researchers proposed variety of tools and methods that can be used as defense barrier between client application and database server. However, these tools and methods failed to address the whole problem of SQL injection attack, because most of the approaches are vulnerable in nature, cannot resist sophisticated attack or limited to scope of subset of SQLIA type. with regard to this different researchers proposed different approach (experimental and analytical evaluation) to evaluate the effectiveness of these existing tools based on type SQLIAs they can detect or prevent. However, none of the researcher considers evaluating these existing tool or method based on their ability to be deployed in various injection parameters or developmen...
Research Interests:
SQL Injection Attack (SQLIA) is one of the most severe attacks that can be used against web database driven applications. Attackers’ use SQLIA to get unauthorized access and perform un-authorize data modification as result of improper... more
SQL Injection Attack (SQLIA) is one of the most severe attacks that can be used against web database driven applications. Attackers’ use SQLIA to get unauthorized access and perform un-authorize data modification as result of improper input validation by web application developers. Various studies have shown that average of 64% of web application of worldwide are vulnerable to SQLIA as result of their vulnerability. To mitigate the devastating problem of SQLIA, this research proposed web application firewall for SQL injection Attack (SQLIA) that protects unauthorized users from SQLIA. Recent study shows that there is need for improving effectiveness of existing SQLIA firewall to reduce the Loss of data, getting vital information and risk of being attack as result of inaccurate false negative and false positive result reported by the SQLIA. The research focus on improving effectiveness of SQLIA firewall by proposing web application firewall for blind and tautology SQLIA in order to h...
Research Interests:
SQL Injection Attack (SQLIA) is one of the most severe attacks that can be used against web database driven applications. Attackers’ use SQLIA to get unauthorized access and perform un-authorize data modification as result of improper... more
SQL Injection Attack (SQLIA) is one of the most severe attacks that can be used against web database driven applications. Attackers’ use SQLIA to get unauthorized access and perform un-authorize data modification as result of improper input validation by web application developer. Various studies have shown that average of 64% of web application of worldwide are vulnerable to SQLIA attack as result of their vulnerability. To mitigate the devastating problem of SQLIA, this research proposed automatic dynamic SQL injection vulnerability scanner (SQLIVS) that automates SQLI vulnerability assessment that results in SQLIA. Recent study shows that there is need for improving effectiveness of existing SQLIVS to reduce the cost of manual inspection of vulnerabilities and risk of being attack as result of false negative and false positive result reported by the SQLIV scanner. The research focus on improving effectiveness of SQLIVS by proposing object oriented approach in development of SQLIV...
Research Interests:
Skin cancer is a worldwide epidemic. A computerised instrument allows spotting small shifts to change the skin's functionality in an early stage. This paper utilises Convolutional Neural Network (CNN) to identify skin cancers... more
Skin cancer is a worldwide epidemic. A computerised instrument allows spotting small shifts to change the skin's functionality in an early stage. This paper utilises Convolutional Neural Network (CNN) to identify skin cancers Theattained results demonstrate that the CNN method can effectively identify melanoma and benign cases from X-ray images. This work can help doctors to diagnose cancer in the skin in an initial stage and treat it successfully.
Research Interests:
SQL injection vulnerability is the one of the most common web-based application vulnerabilities that can be exploited by SQL injection attack to gain access to restricted data, bypass authentication mechanism, and execute unauthorized... more
SQL injection vulnerability is the one of the most common web-based application vulnerabilities that can be exploited by SQL injection attack to gain access to restricted data, bypass authentication mechanism, and execute unauthorized data manipulation language. Defensive coding is a simple and affordable way to tackle this problem, however there are some issue regarding use of defensive coding which makes the system in effective, less resistant and resilience to attack. In this paper we provide detailed background of SQLIA (SQL Injection Attack), classified defensive coding to different categories, reviewed existing technique that are related to each techniques, state strength and weakness of such technique, evaluate such technique based on number of attacks they were able to stop and evaluate each category of approach based on its deployment requirements related to inheritance. The goal of this paper is to provide programmers with common issues that need to be considered before ch...
Research Interests:
SQL injection vulnerability is the one of the most common web-based application vulnerabilities that can be exploited by SQL injection attack to gain access to restricted data, bypass authentication mechanism and execute unauthorized data... more
SQL injection vulnerability is the one of the most common web-based application vulnerabilities that can be exploited by SQL injection attack to gain access to restricted data, bypass authentication mechanism and execute unauthorized data manipulation language. Defensive coding is the simple and affordable way to tackle this problem, by applying secure coding in each an every queries used in application. In this paper we provide a detailed background of SQLI attack, we classify defensive coding into different categories, review existing techniques that are related to each technique, and also evaluate such techniques based on number of attacks they were able to stop.We also evaluated each category of approach based on it's deployment requirement related to inheritance. Currently, to the best of our knowledge no papers have classied defensive coding as we do.
Research Interests:
Abstract Today, 44% of global energy has been derived from fossil fuel, which currently poses a threat to inhabitants and well-being of the environment. In a recent investigation of the global demand for energy consumption across various... more
Abstract Today, 44% of global energy has been derived from fossil fuel, which currently poses a threat to inhabitants and well-being of the environment. In a recent investigation of the global demand for energy consumption across various energy consumption sectors, the building sector has been shown to be one of the primary energy consumers, with a high percentage of energy consumption deemed as unnecessary. This as a result of poor management practice and implementation of strategies to avoid excess energy consumption. Over the years, researchers in both academia and industries have focused on various techniques to deal with unnecessary energy consumption and ensuring a healthy living environment for green smart cities. Among these techniques is Smart Home Energy Management Systems (SHEMs), which transform electric home appliances, sensor nodes, into autonomous devices in order to manage energy consumption effectively. This study presents an analysis of smart home energy management system with the goal to identify current trends and challenges for future improvement. The result reveals lack of quality attributes such as security, privacy, scalability, interoperability, and difficulty in managing and adapt to the thermal comfort satisfaction of residents, exposing them to health risks. Lastly, the study described opportunities for future research that ensure energy-efficient smart homes free of unnecessary energy consumption, health challenges, and cyber security attacks.
Research Interests:
Research Interests:
Research Interests:
Research Interests:
SQL injection attack (SQLIA) is one of the most severe attacks that can be used against web database driving applications. Attackers' use SQLIA to get unauthorized access to and perform unauthorized data modification. To mitigate the... more
SQL injection attack (SQLIA) is one of the most severe attacks that can be used against web database driving applications. Attackers' use SQLIA to get unauthorized access to and perform unauthorized data modification. To mitigate the devastating problem of SQLIA, different researchers proposed variety of web penetration testing tools that automation of SQLI vulnerability assessment that result in SQLIA. Recent study shows that there is need for adaptation of object orienting approach in development of application program in order to reduce the cost of integration and maintenance, as well as improve the efficiency of application programs. Most of the proposed SQLIV (SQL injection vulnerability) detection tools by academic researchers seem to focus on improving efficiency or effectiveness of SQLIV detection tool thereby paying less attention to advantage of adopting reusable component. Therefore, this paper propose component based (CBC) SQLIV detection tool that has the potential to enable developer to reuse component where necessary and allow integration and maintenance fast and in less cost. The proposed tool was tested on three different vulnerable web applications after which its effectiveness was compared against seven(7) different SQLIV detection tool accordingly, the result of evaluation proves that the tool has all the potential to detect SQLIV vulnerabilities on different scenarios that other of scanners ware unable to detect.
Research Interests:
Internet of Things (IoT) is an emerging filed for technical, social, and economic significance. Consumer products, durable goods, cars and trucks, industrial and utility components, sensors, and other everyday objects are being combined... more
Internet of Things (IoT) is an emerging filed for technical, social, and economic significance. Consumer products, durable goods, cars and trucks, industrial and utility components, sensors, and other everyday objects are being combined and connected with Internet and powerful data analytic capabilities that promise to transform the traditional services. Projection of IoT on the Internet and economy is impressive, with some anticipating as many as 100 billion connected IoT devices and a global economic impact of more than $11 trillion by 2025. At the same time, the IoT has been suffered from various challenges that need to be addressed with new standards, methods, and systems and provide more potential benefits. Attention-grabbing headlines about the hacking of Internet-connected devices, surveillance concerns, and privacy fears already have captured public attention. Technical challenges need new standards and policies, legal and development challenges need new methods and systems....
Research Interests:
SQL Injection Attack (SQLIA) is one of the most severe attacks that can be used against web database driven applications. Attackers' use SQLIA to get unauthorized access and perform un-authorize data modification as result of improper... more
SQL Injection Attack (SQLIA) is one of the most severe attacks that can be used against web database driven applications. Attackers' use SQLIA to get unauthorized access and perform un-authorize data modification as result of improper input validation by web application developers. Various studies have shown that average of 64% of web application of worldwide are vulnerable to SQLIA as result of their vulnerability. To mitigate the devastating problem of SQLIA, this research proposed web application firewall for SQL injection Attack (SQLIA) that protects unauthorized users from SQLIA. Recent study shows that there is need for improving effectiveness of existing SQLIA firewall to reduce the Loss of data, getting vital information and risk of being attack as result of inaccurate false negative and false positive result reported by the SQLIA. The research focus on improving effectiveness of SQLIA firewall by proposing web application firewall for blind and tautology SQLIA in order to help minimizing of false positive an false negative result as well as to provide the room for improving proposed SQLIA by the potential researchers. To test and validate the accuracy of research work, three vulnerable web applications were developed with different type of vulnerabilities and accuracy metric were used to analyze the result of three experiments. The result of analysis shows significant improvement by achieving 88.8%. Accuracy for the first experiment, 77% accuracy for the second experiment and 73% accuracy for the third experiment and overall of 79.6%.
Research Interests:
SQL injection attack (SQLIA) is one of the most severe attacks that can be used against web database driving applications. Attackers use SQLIA to get unauthorized access and perform unauthorized data modification. To combat problem of... more
SQL injection attack (SQLIA) is one of the most severe attacks that can be used against web database driving applications. Attackers use SQLIA to get unauthorized access and perform unauthorized data modification. To combat problem of SQLIA, different researchers proposed variety of tools and methods that can be used as defense barrier between client application and database server. However, these tools and methods failed to address the whole problem of SQL injection attack, because most of the approaches are vulnerable in nature, cannot resist sophisticated attack or limited to scope of subset of SQLIA type. with regard to this different researchers proposed different approach (experimental and analytical evaluation) to evaluate the effectiveness of these existing tools based on type SQLIAs they can detect or prevent. However, none of the researcher considers evaluating these existing tool or method based on their ability to be deployed in various injection parameters or development requirements therefore, in this we analytically evaluated the reviewed tools and methods based on our experience with respect to SQIAs types and injection parameters. The evaluation result showed that most researchers focused on proposing approaches to detect and prevent SQLIAs, rather than evaluating the efficiency and effectiveness of the existing SQLIA detection and prevention tools/methods. The study also revealed that more emphasis was given by the previous studies on prevention measures than detection measures in combating problem of SQLIAs. An analysis showed that these tools and methods are developed to prevent subset of SQLIAs type and only few of them can be deployed to various injection parameters to be considered in examining SQLIAs. It further revealed that none of the tools or methods can be deployed to prevent attacks that can take advantage of second order (server side SQLIA) SQLI vulnerability. Finally, the study highlights the major challenges that require immediate response by developers and researchers in order to prevent the risk of being hacked through SQLIAs
Research Interests:
SQL injection vulnerability is the one of the most common web-based application vulnerabilities that can be exploited by SQL injection attack to gain access to restricted data, bypass authentication mechanism, and execute unauthorized... more
SQL injection vulnerability is the one of the most common web-based application vulnerabilities that can be exploited by SQL injection attack to gain access to restricted data, bypass authentication mechanism, and execute unauthorized data manipulation language. Defensive coding is a simple and affordable way to tackle this problem, however there are some issue regarding use of defensive coding which makes the system in effective, less resistant and resilience to attack. In this paper we provide detailed background of SQLIA (SQL Injection Attack), classified defensive coding to different categories, reviewed existing technique that are related to each techniques, state strength and weakness of such technique, evaluate such technique based on number of attacks they were able to stop and evaluate each category of approach based on its deployment requirements related to inheritance. The goal of this paper is to provide programmers with common issues that need to be considered before choosing a particular technique and to raise awareness of issues related to such techniques as many of those techniques were not meant for the purpose of protection of SQLIA. In addition, we hope to provide researchers by shedding light on how to develop good SQLI (SQL Injection) protection tools as most of the SQLI protection tools were developed using combination a of two or more defensive coding techniques. Lastly we provide recommendations on to avoid such issues.
SQL injection attack (SQLIA) is one of the most severe attacks that can be used against web database driving applications. Attackers' use SQLIA to get unauthorized access to and perform unauthorized data modification. To mitigate the... more
SQL injection attack (SQLIA) is one of the most severe attacks that can be used against web database driving applications. Attackers' use SQLIA to get unauthorized access to and perform unauthorized data modification. To mitigate the devastating problem of SQLIA, different researchers proposed variety of web penetration testing tools that automation of SQLI vulnerability assessment that result in SQLIA. Recent study shows that there is need for adaptation of object orienting approach in development of application program in order to reduce the cost of integration and maintenance, as well as improve the efficiency of application programs. Most of the proposed SQLIV (SQL injection vulnerability) detection tools by academic researchers seem to focus on improving efficiency or effectiveness of SQLIV detection tool thereby paying less attention to advantage of adopting reusable component. Therefore, this paper propose component based (CBC) SQLIV detection tool that has the potential to enable developer to reuse component where necessary and allow integration and maintenance fast and in less cost. The proposed tool was tested on three different vulnerable web applications after which its effectiveness was compared against seven(7) different SQLIV detection tool accordingly, the result of evaluation proves that the tool has all the potential to detect SQLIV vulnerabilities on different scenarios that other of scanners ware unable to detect.
Research Interests:
SQL injection vulnerability is the one of the most common web-based application vulnerabilities that can be exploited by SQL injection attack to gain access to restricted data, bypass authentication mechanism, and execute unauthorized... more
SQL injection vulnerability is the one of the most common web-based application vulnerabilities that can be exploited by SQL injection attack to gain access to restricted data, bypass authentication mechanism, and execute unauthorized data manipulation language. Defensive coding is a simple and affordable way to tackle this problem, however there are some issue regarding use of defensive coding which makes the system in effective, less resistant and resilience to attack. In this paper we provide detailed background of SQLIA (SQL Injection Attack), classified defensive coding to different categories, reviewed existing technique that are related to each techniques, state strength and weakness of such technique, evaluate such technique based on number of attacks they were able to stop and evaluate each category of approach based on its deployment requirements related to inheritance. The goal of this paper is to provide programmers with common issues that need to be considered before choosing a particular technique and to raise awareness of issues related to such techniques as many of those techniques were not meant for the purpose of protection of SQLIA. In addition, we hope to provide researchers by shedding light on how to develop good SQLI (SQL Injection) protection tools as most of the SQLI protection tools were developed using combination a of two or more defensive coding techniques. Lastly we provide recommendations on to avoid such issues.