🔒 What is DevSecOps?
DevSecOps is an emerging software development paradigm that aims to continuously and rapidly deliver secure software. However, practitioners are facing many challenges in keeping up with the pace of rapid deployment cycles of DevSecOps while performing security assessments (e.g. Application Security Testing).
Studies have further highlighted that the paradigm shift related to adopting DevSecOps is inherently centred on the culture of the organisation. To this end, fostering a highly collaborative environment is seen as central to the success of DevSecOps.
🔬 At the @crest_centre, we value the importance of secure software in organisational success.
Thus, our research reviews existing literature on state-of-the-art practices for DevSecOps, such that we can develop an evidence-based body of knowledge that informs where methodological and tool support is required. Some of our key findings are highlighted below:
🛠️ Automation and Tool Usage:
R&D in DevSecOps focuses on new technologies supporting rapid deployment cycles, addressing drawbacks of older tools like SAST and DAST.
🔄 Shift-Left Security and Continuous Assessment:
Practices like shift-left security and continuous security assessment are crucial, yet lack adequate tool support.
🚧 Automation Challenges:
Difficulty in automating manual security practices poses a significant obstacle, requiring further study to balance DevOps goals and security.
👥 Human Aspects:
People-related challenges significantly impact DevSecOps success, warranting more research in socio-technical solutions.
🌐 Complex Infrastructure Adoption:
Research is growing in adopting DevSecOps principles in complex, regulated infrastructures, but more empirical solutions are needed.
🔍 Follow us for more interesting insights on our R&D!
#CyberSecurity #DevSecOps #Engineering #Technology
🔍 CREST Tools: Big Data Storage and Analytics Benchmarking Testbed 🔍
We value the challenges involved when implementing big data solutions that effectively adhere to organisational needs, including the type/amount of data, energy constraints, data flows and fault tolerance requirements. Hence, we have created a benchmarking testbed that allows us to optimise parameters to provide the best possible solution.
🔧📊 In our proposed approach, we use measurements and simulations within a controlled testbed environment, ensuring we can set parameters, run benchmarks, and provide results. From a real-world view, our process is as follows:
🔹1️⃣ Prepare infrastructure
🔹2️⃣ Deploy testing subject (database, framework, tool)
🔹3️⃣ Configure testing subject
🔹4️⃣ Set measurement probes (CPU load, disk usage, network activity, etc.)
🔹5️⃣ Prepare/load data to databases
🔹6️⃣ Execute workload (test subject specific)
🔹7️⃣ Collect probe results
🔹8️⃣ Loop through the test subject parameters and compare results
If you wish to learn more, feel free to reach out to us via our social platforms!
#technology #engineering #bigdata 🖥️🛠️📈
🚀 Exciting News! Paper Accepted for Publication!
Thrilled to announce that our paper, "An Investigation into Misuse of Java Security APIs by Large Language Models", authored by Zahra Mousavi, Chadni Islam @_Chadni_, Kristen Moore, Alsharif Abuadbba, Ali Babar @alibabar, has been accepted in AsiaCCS 2024 (Core A)!
🛡️ The surge in using Large Language Models (LLMs) for code generation has sparked crucial discussions about code trustworthiness. Our research delves into this topic by focusing on the integration of security APIs. APIs are fundamental for software security, yet their effective integration poses significant challenges, often resulting in inadvertent misuse and vulnerabilities.
🎯 To address this, we investigated ChatGPT's capabilities in generating secure code for security API use cases in Java. Through a comprehensive evaluation involving 48 programming tasks and 5 widely used security APIs, we employed automated and manual approaches to detect security API misuse in ChatGPT-generated code.
🌐💡 Our findings reveal a concerning trend: Approximately 70% of instances contain security API misuse, a clear indication of the potential for security vulnerabilities in LLM-generated code.
#AI #CodeGeneration #SoftwareSecurity #APIs #ChatGPT #Trustworthiness #Java #AsiaCCS2024
🔒🚀 Fascinating insights from our research paper "Challenges and Solutions when Adopting DevSecOps: A Systematic Review" by Roshan Rajapakse, @MansoorehZ, @alibabar, and Haifeng Shen! 📚💡
As DevOps gains momentum, integrating security without compromising agility remains a daunting task. While DevSecOps has helped mitigate this challenge, its practical adoption poses challenges. Our study aims to systemise knowledge on these challenges and proposed solutions, shedding light on areas for future research.
Analysing 54 peer-reviewed studies, we identified 21 adoption challenges and 31 solutions, categorised into People, Practices, Tools, and Infrastructure. Tool-related challenges dominated, highlighting the need for automation. Shift-left security and continuous security assessment emerged as pivotal practices. While people-related factors are also crucial, they are currently understudied.
We advocate for developer-centric security testing tools tailored for DevSecOps' continuous practices. Additionally, automation of manual security practices for rapid deployment cycles warrants further exploration. Finally, balancing speed and security remains a critical issue in DevSecOps adoption.
For more insights, reach out to us at [email protected], or read the full paper here: https://t.co/WNOhiDvA3j
#DevSecOps #SoftwareDevelopment #Security #Agile
🚀 Excited to share insights on optimising distributed data processing in hybrid clouds! 🌐💻
In our latest research, we delve into evaluating the performance of Hadoop, Spark, and Flink within a hybrid cloud environment, integrating both private (OpenStack) and public (MS Azure) clouds. 📊 Our study focuses on crucial metrics such as execution time, resource utilisation, scalability, and cost-effectiveness across various workloads.
Key findings reveal:
🔹 Impact of node allocation on execution time in hybrid clouds.
🔹 Performance ranking: Flink > Spark > Hadoop based on execution time.
🔹 Data transfer analysis: Hadoop > Flink > Spark.
🔹 Horizontal scaling dominance over vertical scaling.
🔹 Cost analysis: Spark emerges as the most economical choice.
This research fills a critical gap in understanding the dynamics of distributed data processing frameworks in hybrid cloud settings, offering actionable insights for efficient resource management and cost optimisation. 💡💰
If you are interested, you can read our paper below for in-depth analysis and implications. If you would like to learn more about our work in distributed computing, feel free to reach out at [email protected].
https://t.co/ToKTb00MlN
#HybridCloud #DistributedComputing #BigData #CloudPerformance
🌟 Excited to share our research findings on optimising energy consumption in distributed data processing platforms! 🌟
As distributed data processing platforms like Hadoop, Spark, and Flink become increasingly integral to cloud computing, the rise of edge computing offers new opportunities. 🚀 Edge computing allows for data processing closer to the source, reducing latency and improving efficiency. However, resource constraints like energy limitations pose challenges for deploying certain applications on the edge.
In our paper, we address this challenge by proposing a framework for energy-aware evaluation of these platforms in an integrated edge-cloud environment. By leveraging this framework, we evaluated the energy consumption of Hadoop, Spark, and Flink across various devices, including Raspberry Pi, edge nodes, and cloud servers.
Our findings reveal:
1️⃣ Flink emerges as the most energy-efficient platform, followed by Spark, with Hadoop trailing behind.
2️⃣ Offloading tasks from resource-constrained devices to resource-rich ones can slash energy consumption by 55.2%.
3️⃣ Bandwidth and distance between client and server play crucial roles in energy consumption dynamics.
These insights pave the way for more sustainable and efficient distributed computing practices. If you wish to learn more, you can read the paper below or contact us at [email protected].
See link: https://t.co/BUOlBwnzgt
#DistributedComputing #EdgeComputing #EnergyOptimisation
🔍 Are you grappling with the complexities of deploying and evaluating blockchain networks?
🔎 Our latest research by Nguyen Khoi Tran, Ali Babar, and Andrew Walters introduces NVAL (Network Deployment and Evaluation Framework), a cutting-edge automation tool designed to streamline these processes. By focusing on architecture design and delegating implementation steps to NVAL, practitioners can enhance efficiency and reduce error-prone activities.
💡 NVAL leverages existing automation scripts and utilities to deploy and evaluate blockchain networks based on their architecture specifications. Our innovative meta-model captures these architectures as computer-readable artifacts, enabling seamless deployment and evaluation through a state-space search approach.
🚀 Our case study demonstrates NVAL's effectiveness in deploying 65 networks with 12 different architectures and generating 295 evaluation datasets, all with minimal processing time overhead.
If you are interested in learning more, the paper is available to read below. If you would like to work with CREST, please contact us at [email protected] for more information.
See link: https://t.co/IZfK0nevMc
#BlockchainTechnology #Automation #NetworkDeployment #EvaluationFramework #NVAL
We had an enlightening #GuestTalk today, presented by Dr. @BachLe13 from @UniMelb, where he shared his research on human-centered & data-driven #SoftwareDebugging. #CREST members also engaged in discussions on common research interests, paving the way for potential collaboration.
@kuntingchen1 @alibabar 📣 Welcome Dr. Limeng Zhang, another talented researcher, to join CREST as a postdoc!
👩💼 Limeng's expertise includes #blockchain, #datamining, #bigdata analytics, and #recommendersystems.
🤝 We can't wait to collaborate with her to conduct world-class research in these areas. 3/n
@kuntingchen1 @alibabar 📣 Exciting news! Dr. Samodha Pallewatta has joined CREST as a postdoc researcher!
👩💼 Her research expertise is in Distributed Systems, Edge-Cloud computing, IoT, & Microservices.
🌟 We look forward to working with her to take our research in these areas to the next level. 4/n
📢 Excited to share that our research paper, "An Experience Report on the Design and Implementation of an Ad-hoc Blockchain Platform for Tactical Edge Applications," has been accepted for presentation at the industry track of the @ECSACONF conference! 🎉
https://t.co/SjwJ9Kl1Xx
Today, our Bachelor of Software Engineering honours students showed their half-way progress in Software Engineering Research Project course, run by @alibabar & me @UniofAdelaide @UofA_SET. Special thanks to @SAHealth @crest_uofa @maptek @DefenceScience for great project support.
Great visiting @CurtinUni & giving talk on “quality of data” 4 #ML & #software #security. A key R&D area of @crest_uofa; collab with @CroftRoland & @MehdiKholoosi & @lhmtriet; thx a lot Aneesh, Redowan, Sony, Mahbuba, Sajib 4 the generous hospitality & sharing your work.
@crest_uofa was delighted to host prof @amin_beheshti from @Macquarie_Uni; heard insightful talk on #generative #AI, its applications to real world projects of his team. thx 4 visiting & sharing fascinating ideas; favourite one is data-driven story telling & graph summarization
Congrats to our #PhD student, @mousavi_sz, on passing the #MajorReview. Her research provides technical & human-centric support for effective use of #security #APIs. Her work also utilises recent #LLM advances like #ChatGPT for automation. @CSCRCoz @UniofAdelaide @GradSchoolUofA
CREST is glad to host Prof. @shukat_ali from @simula_research to give an insightful invited talk on "Dependable and Noise-Aware #Quantum #SoftwareEngineering". We also had fruitful follow-up discussions on this emerging area. Special thanks to @aufeef for the kind coordination.
Today, CREST members gathered to recognize and celebrate our achievements in 2022. All of us have had a relaxing and cheerful time sharing with each other our stories of the past year and positive plans moving toward the next year. Wish everyone happy holidays & new year ahead.
🚨We're hiring!!!🚨
An exciting opportunity to join a talented & ambitious team! If you're interested in qualitative data analysis and/or socio-technical aspects, don't hesitate to contact us to learn more. Please also share this opportunity with your network. #crest_positions