Developing secured android applications by mitigating code vulnerabilities with machine learning.

Senanayake, Janaka; Kalutarage, Harsha; Al-Kadri, Mhd Omar; Petrovski, Andrei; Piras, Luca

doi:10.1145/3488932.3527290

Assuring privacy of AI-powered community driven Android code vulnerability detection. (2025)
Presentation / Conference Contribution
SENANAYAKE, J., KALUTARAGE, H., PIRAS, L., AL-KADRI, M.O. and PETROVSKI, A. 2025. Assuring privacy of AI-powered community driven Android code vulnerability detection. In Garcia-Alfaro, J., Kalutarage, H., Yanai, N. et al. (eds.) Computer security: ESORICS 2024 international workshops: revised selected papers from the proceedings of eleven international workshops held in conjunction with the 29th European Symposium on Research in Computer Security (ESORICS 2024), 16-20 September 2024, Bydgoszcz, Poland. Part II. Lecture notes in computer science, 15264. Cham: Springer [online], pages 457-476. Available from: https://doi.org/10.1007/978-3-031-82362-6_27

The challenge of training AI models is heightened by the limited availability of data, particularly when public datasets are insufficient. While obtaining data from private sources may seem like a viable solution, privacy concerns often prevent data... Read More about Assuring privacy of AI-powered community driven Android code vulnerability detection..

DevSecOps implementation for continuous security in financial trading software application development. (2025)
Presentation / Conference Contribution
DASANAYAKE, S.D.L.V., SENANAYAKE, J. and WIJAYANAYAKE, W.M.J.I. 2025. DevSecOps implementation for continuous security in financial trading software application development. In Proceedings of the 25th International conference on advanced research in computing 2025 (ICARC 2025): converging horizons: uniting disciplines in computing research through AI innovation, 19-20 February 2025, Belihuloya, Sri Lanka. Piscataway: IEEE [online], pages 457-462. Available from: https://doi.org/10.1109/ICARC64760.2025.10963292

DevSecOps incorporates security into the DevOps workflow, ensuring robust protection throughout the software development lifecycle. This research addresses the security gaps in financial trading applications, where traditional methods often prioritiz... Read More about DevSecOps implementation for continuous security in financial trading software application development..

Customizable DDoS attack data generation in SDN environments for enhanced machine learning detection models. (2025)
Presentation / Conference Contribution
GAYANTHA, N., RAJAPAKSE, C. and SENANAYAKE, J. 2025. Customizable DDoS attack data generation in SDN environments for enhanced machine learning detection models. In Proceedings of the 5th International conference on advanced research in computing 2025 (ICARC 2025): converging horizons: uniting disciplines in computing research through AI innovation, 19-20 February 2025, Belihuloya, Sri Lanka. Piscataway: IEEE [online], pages 386-391. Available from: https://doi.org/10.1109/ICARC64760.2025.10963190

Distributed Denial of Service (DDoS) attacks are a critical threat to the security and reliability of Software-Defined Networking (SDN) environments. Existing datasets for training machine learning (ML) models, such as KDDCup '99 and CICIDS 2017, are... Read More about Customizable DDoS attack data generation in SDN environments for enhanced machine learning detection models..

MADONNA: browser-based malicious domain detection through optimized neural network with feature analysis. (2024)
Presentation / Conference Contribution
SENANAYAKE, J., RAJAPAKSHA, S., YANAI, N., KOMIYA, C. and KALUTARAGE, H. 2024. MADONNA: browser-based malicious domain detection through optimized neural network with feature analysis. In Meyer, N. and Grocholewska-Czuryło, A. (eds.) Revised selected papers from the proceedings of the 38th International conference on ICT systems security and privacy protection (IFIP SEC 2023), 14-16 June 2023, Poznan, Poland. IFIP advances in information and communication technology, 679. Cham: Springer [online], pages 279-292. Available from: https://doi.org/10.1007/978-3-031-56326-3_20

The detection of malicious domains often relies on machine learning (ML), and proposals for browser-based detection of malicious domains with high throughput have been put forward in recent years. However, existing methods suffer from limited accurac... Read More about MADONNA: browser-based malicious domain detection through optimized neural network with feature analysis..

FedREVAN: real-time detection of vulnerable android source code through federated neural network with XAI. (2024)
Presentation / Conference Contribution
SENANAYAKE, J., KALUTARAGE, H., PETROVSKI, A., AL-KADRI, M.O. and PIRAS, L. 2024. FedREVAN: real-time detection of vulnerable android source code through federated neural network with XAI. In Katsikas, S. et al. (eds.) Computer security: revised selected papers from the proceedings of the International workshops of the 28th European symposium on research in computer security (ESORICS 2023 International Workshops), 25-29 September 2023, The Hague, Netherlands. Lecture notes in computer science, 14399. Cham: Springer [online], part II, pages 426-441. Available from: https://doi.org/10.1007/978-3-031-54129-2_25

Adhering to security best practices during the development of Android applications is of paramount importance due to the high prevalence of apps released without proper security measures. While automated tools can be employed to address vulnerabiliti... Read More about FedREVAN: real-time detection of vulnerable android source code through federated neural network with XAI..

Enhancing security assurance in software development: AI-based vulnerable code detection with static analysis. (2024)
Presentation / Conference Contribution
RAJAPAKSHA, S., SENANAYAKE, J., KALUTARAGE, H. and AL-KADRI, M.O. 2024. Enhancing security assurance in software development: AI-based vulnerable code detection with static analysis. In Katsikas, S. et al. (eds.) Computer security: revised selected papers from the proceedings of the International workshops of the 28th European symposium on research in computer security (ESORICS 2023 International Workshops), 25-29 September 2023, The Hague, Netherlands. Lecture notes in computer science, 14399. Cham: Springer [online], part II, pages 341-356. Available from: https://doi.org/10.1007/978-3-031-54129-2_20

The presence of vulnerable source code in software applications is causing significant reliability and security issues, which can be mitigated by integrating and assuring software security principles during the early stages of the development lifecyc... Read More about Enhancing security assurance in software development: AI-based vulnerable code detection with static analysis..

Android code vulnerabilities early detection using AI-powered ACVED plugin. (2023)
Presentation / Conference Contribution
SENANAYAKE, J., KALUTARAGE, H., AL-KADRI, M.O., PETROVSKI, A. and PIRAS, L. 2023. Android code vulnerabilities early detection using AI-powered ACVED plugin. In Atluri, V. and Ferrara, A.L. (eds.) Data and applications security and privacy XXXVII; proceedings of the 37th annual IFIP WG (International Federation for Information Processing Working Group) 11.3 Data and applications security and privacy 2023 (DBSec 2023), 19-21 July 2023, Sophia-Antipolis, France. Lecture notes in computer science (LNCS), 13942. Cham: Springer [online], pages 339-357. Available from: https://doi.org/10.1007/978-3-031-37586-6_20

During Android application development, ensuring adequate security is a crucial and intricate aspect. However, many applications are released without adequate security measures due to the lack of vulnerability identification and code verification at... Read More about Android code vulnerabilities early detection using AI-powered ACVED plugin..

Labelled Vulnerability Dataset on Android source code (LVDAndro) to develop AI-based code vulnerability detection models. (2023)
Presentation / Conference Contribution
SENANAYAKE, J., KALUTARAGE, H., AL-KADRI, M.O., PIRAS, L. and PETROVSKI, A. 2023. Labelled Vulnerability Dataset on Android source code (LVDAndro) to develop AI-based code vulnerability detection models. In De Capitani di Vimercati, S. and Samarati, P. (eds.) Proceedings of the 20th International conference on security and cryptography, 10-12 July 2023, Rome, Italy, volume 1. Setúbal: SciTePress [online], pages 659-666. Available from: https://doi.org/10.5220/0012060400003555

Ensuring the security of Android applications is a vital and intricate aspect requiring careful consideration during development. Unfortunately, many apps are published without sufficient security measures, possibly due to a lack of early vulnerabili... Read More about Labelled Vulnerability Dataset on Android source code (LVDAndro) to develop AI-based code vulnerability detection models..

AI-powered vulnerability detection for secure source code development. (2023)
Presentation / Conference Contribution
RAJAPAKSHA, S., SENANAYAKE, J., KALUTARAGE, H. and AL-KADRI, M.O. 2023. AI-powered vulnerability detection for secure source code development. In Bella, G., Doinea, M. and Janicke, H. (eds.) Innovative security solutions for information technology and communications: revised selected papers of the 15th International conference on Security for information technology and communications 2022 (SecITC 2022), 8-9 December 2022, [virtual conference]. Lecture notes in computer sciences, 13809. Cham: Springer [online], pages 275-288. Available from: https://doi.org/10.1007/978-3-031-32636-3_16

Vulnerable source code in software applications is causing paramount reliability and security issues. Software security principles should be integrated to reduce these issues at the early stages of the development lifecycle. Artificial Intelligence (... Read More about AI-powered vulnerability detection for secure source code development..

Developing secured android applications by mitigating code vulnerabilities with machine learning. (2022)
Presentation / Conference Contribution
SENANAYAKE, J., KALUTARAGE, H., AL-KADRI, M.O., PETROVSKI, A. and PIRAS, L. 2022. Developing secured android applications by mitigating code vulnerabilities with machine learning. In ASIA CCS '22: proceedings of the 17th ACM (Association for Computing Machinery) Asia conference on computer and communications security 2022 (ASIA CCS 2022), 30 May - 3 June 2022, Nagasaki, Japan. New York: ACM [online], pages 1255-1257. Available from: https://doi.org/10.1145/3488932.3527290

Mobile application developers sometimes might not be serious about source code security and publish apps to the marketplaces. Therefore, it is essential to have a fully automated security solutions generator to integrate security-by-design into the d... Read More about Developing secured android applications by mitigating code vulnerabilities with machine learning..

All Outputs (10)