Dr.Ann Zeki Ablahd Magdacy Jarges -

Gender	MALE
Place of Work	Technical Engineering College/ Kirkuk
Position	تدريسية
Qualification	Ph.d
Speciality	Computer Science
Email	drann@ntu.edu.iq
Phone
Address	, , Mosul, Iraq

Using Python to Detect Web application vulnerability By

Jan 1, 2023

Journal RES MILITARES

DOI 10.1016/j.measen.2023.100746

Issue 2023

Volume 13

The number of web application grows sharply because of a web application is a common way of delivering all services via the Internet. The developing such application with a fewer experience and without testing caused a huge vulnerability in it. The web application vulnerability is a weak point resulted through web application designing. There are many attackers exploit this vulnerability for gaining access to all unauthorized internal objects to compromise the application, modify data and steal the most important information. The aim of this proposed system is to detect the web application vulnerabilities before exploited by an attacker. A special scanner was built using python 3.7 built-in tools like AST, CFG, Flask, and Django to detect these vulnerabilities. There are different risks infect a web application caused by this vulnerability two types of them were solved in this proposed system. The proposed scanner detects the injection flaws command execution and Cross-Site Scripting (XSS) injection. The fixed-point algorithm is used for finding web application vulnerabilities after analysis and extracts its features. The proposed scanner called SCANSCX. SCANSCX has been created with flexible tools. In order to test and evaluate the ability of SCANSCX, a number of vulnerable applications were designed. All designed examples are identified as being vulnerable. The SCANSCX is a realistic application because it runs on windows and linx operating systems. SCANSCX is a big project that spends very long time on analysis, designed an application and was therefore terminated.

Read Publication

DETECT MALICIOUS EMAILS USING DART LANGUAGE

Mar 1, 2023

Journal International Journal on“Technical and Physical Problems of Engineering”

publisher Published by International Organization of IOTPE

Issue 54

Volume 15

Abstract- The communication of emails, nowadays become an official and important. The email was a vector of conducting attack in cyber-crimes such as phishing, spoofing and any malicious email. Such attack used as a malicious transferring mode into the victim’s device. The wide growing of malicious Email leads to online criminal activities. By such activity the confidential and secure information will stalled. To avoid such criminal activity, an On-line application (classifier) where prepared for inspecting each suspicious Email address. This classifier acts as interface in receiving Email address and early detects malicious, phishing and spoofing emails to avoid user from being victim in such attack. The proposed system built by using Dart-SDK language Windows supported with flutter-windows-3.0.1 platform. With this classifier the address of each email has been analyzed used one of machine learning algorithms called “Naive Bayesian algorithm” to distinguish between benign and malicious Email address. This system provides real time detection for any Email malicious crimes. Accuracy rate of this classifier is about 99.2%, 8000 Email address where tested, 4700 are malicious, 3300 are benign.The communication of emails, nowadays become an official and important.

Read Publication

Detection of tamper forgery image in security digital mage

Jun 1, 2023

Journal Measurement: Sensors,

publisher Published by International Organization of IOTPE

DOI 10.1016/j.measen.2023.100746

Issue id.100746

Volume 27

Every industry that uses digital photos is concerned about image security. Forensics and public safety have long relied on suspect photos, crime scene photos, biometric photos, and other images. As digital imaging has advanced, the use of digital images in this field has grown significantly. While digital image processing has helped to develop many new approaches in forensic research, it has also simplified image manipulation. The public availability of various snipping image manipulation software has made digital image validity a problem. As a result, image tampering detection software is becoming increasingly important. Digital photographs have grown in popularity in recent years for a variety of applications. Print media, the website, and scholarly publications will be used to disseminate the information. . It's used as strong evidence in a variety of crimes, as well as documentation for a variety of reasons. The advancement of photo processing and editing software has simplified and made it more accessible to create and modify photographs. The most common types of picture forgery are copy-move forgery and splicing images. To conceal or display an error scenario, a portion of a photograph is duplicated and pasted further in the photograph, and splicing an image means two images in one image. This research looks at different types of digital image forgeries as well as forgery detection software. A review of existing approaches for detecting faked images was conducted. Keywords: Image, Tampering, Active approach, Passive approach, copy-move, splicing

Read Publication

Detect Malicious Web Pages Using Naive Bayesian Algorithm to Detect Cyber Threats

Aug 1, 2023

Journal Wireless Personal Communications

publisher WOS: Journal on Modern Research Methodologies ISSN: 2835-3072

DOI https://doi.org/10.1007/s11277-023-10713-9

The increased number of cyber threats and the growing of websites pages lead to targeting them, that why is very necessary for developing an effective techniques in detecting and mitigating malicious website pages. To detect such threats, it propose an on-line system by using Python 3.7 and utilization of the Naive Bayesian algorithm as a powerful tool for identifying and categorizing potentially harmful web pages. This algorithm leverages a combination of statistical analysis and machine learning principles to analyze various features and attributes of web content, thereby determining their likelihood of being malicious. To achieve such system, at first it construct a comprehensive dataset comprising both malicious and legitimate website pages. The second step is extracting the relevant features like URL information from these pages (spelling mistakes, unusual characters and the strange domain names). These features are used in Training Naive Bayesian classifier that learns the patterns and characteristics of malicious web pages. Through the classification stage, the proposed model examines the features of unseen website pages and analyzes the URL carefully for distinguishing benign or malicious website pages. To evaluate the effectiveness of the proposed system, it conducted experiment of 7000 real website pages samples. The results demonstrate the capability of Naive Bayesian algorithm. 3800 website pages are detected as malicious pages, while 3200 are classified as benign pages. Additionally, the accuracy of the proposed system is compared with an existing method.

Read Publication

Survey on Computer Cyber Security

Sep 14, 2023

Journal WOS: Journal on Modern Research Methodologies ISSN: 2835-3072

publisher WOS: Journal on Modern Research Methodologies ISSN: 2835-3072

DOI DOI 10.12694/scpe.v25i5.3046

Issue Issue 9, Year 2023

Volume 2

The growing reliance on computer systems and the increasing interconnectedness of the digital world have amplified the significance of computer cyber security. This survey aims to provide an overview of the current state of computer cyber security by examining key areas of concern, emerging threats, and the measures taken to mitigate risks. This survey begins by exploring the fundamental concepts of computer cyber security, including the importance of confidentiality, integrity, and availability of data. It delves into the various types of cyber threats faced by computer systems, such as malware, phishing attacks, data breaches, and social engineering techniques. Next, the survey investigates the common vulnerabilities and weaknesses that cyber attackers exploit to compromise computer security. This includes software vulnerabilities, weak authentication mechanisms, inadequate network security, and the challenges posed by emerging technologies like the Internet of Things (IoT) and cloud computing. The survey then discusses the countermeasures and best practices employed to safeguard computer systems against cyber threats. It covers the implementation of firewalls, antivirus software, intrusion detection systems, encryption protocols, and regular security updates. Additionally, it highlights the significance of user awareness training and policies to promote a culture of security within organizations .

Driver Drowsiness Detection

Aug 1, 2024

Journal Scalable Computing: Practice and Experience

publisher ISSN 1895-1767, http://www.scpe.org

DOI DOI 10.12694/scpe.v25i5.3046

Issue Issues 5, pp. 4301–4311

Volume 25

The state of the driver of being extremely tired or sleepy through the operation of the vehicle is called driver drowsiness. Different factors caused this state such as alcohol, lack of sleep, and the side effect of some medication. The drowsiness of drivers is a serious safety lead to accidents or fatalities on external and internal roads. The increased number of road accidents resulted from drowsy driving. A special smart, reliable, and accurate system, Using Python language 3.6 for Windows, was designed to build an alert system for drivers in detecting drowsiness driver. This system is crucial in reducing accidents road by the ability to concentrate, react quickly, and produce sound decisions through driving. This system implements a real-time detector that can monitor the states of drivers through driving. Smart cameras with 16-megapixel were used to ensure that capturing photos have a high quality. These cameras were used in gathering the driver’s dataset in different alertness states, including both alert states and drowsy. The collected dataset is processed by extracting all relevant features such as head movement, yawning, and eye closure, which were used in identifying the driver’s drowsiness. Python’s libraries such as TensorFlow, OpenCV, Keras, and Pygame are used for extracting all the above features. Viola-Jones algorithm is used in face eye region detecting and extracting from the image of the face in the proposed system. A Support Vector Machine (SVM) algorithm was used in classifying between drowsy and non-drowsy drivers. The system is tested and evaluated in the real world, to ensure that the

Read Publication

Using Flask for SQLIA Detection and Protection

May 1, 2025

Journal Tikrit Journal of Engineering Science

publisher TJES, College of Engineering, Tikrit University

DOI 10.25130/tjes.27.2.01

Issue 27

Volume 2

Using Flask for SQLIA Detection and Protection ABSTRACT At present the web applications are used for most of the life activities, these applications are affected by an attack called (Structure Query Language Injection Attack) SQLIA due to the vulnerabilities of the web application. The vulnerabilities of the web application are increased because most of application developers do not care to security in designing.SQL injection is a common attack that infects a web application. The attacker adds (Structured Query Language) SQL code to web page for accessing and changing victim databases.The vital step in securing the database and detecting such an attack in web apps is preparing a tool. Many researchers propose different ways for detection and prevention of such as an attack. In this paper a tool it proposed using a powerful micro-framework web application designer called Flask in Python 3.7 to detect and prevent such attacks. The proposed system is called SQLIAD. SQLIAD analyzed a web application on-line.

Read Publication