• Home
  • Dragan Pleskonjic
Dragan Pleskonjic

Dragan Pleskonjic
GLOG.AI

MSc (magistar tehničkih nauka)
Making software more secure, applying ML & AI, building the future. Visit: www.dragan-pleskonjic.com and www.glog.ai.

About

80
Publications
231,227
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
85
Citations
Introduction
Current research and development focus: Intelligent Predictive Security (INPRESEC) – exploring the paradigm shift in Information Security and Privacy with Artificial Intelligence and Machine Learning. Novel approach to cyber security to predict the most likely cyber-attacks and to plan optimal proactive cyber-security defensive measures. For more info, visit: • My personal website at https://www.dragan-pleskonjic.com/ • My Google Scholar profile at https://scholar.google.com/citations?user=_gjXlV4AAAAJ&hl=en • My LinkedIn profile at https://www.linkedin.com/in/draganpleskonjic/ • Profile at School of Electrical and Computer Engineering of Applied Studies, Belgrade https://www.viser.edu.rs/profil/draganp

Publications

Publications (80)
Conference Paper
Full-text available
This paper presents benefits we have achieved by use of machine learning (ML) and artificial intelligence (AI) to improve cybersecurity and software security. There are tens of millions of security interesting events monthly in an average company or organization. Humans hardly can cope with all of them and breaches cost lot in money, reputation and...
Conference Paper
Full-text available
To effectively protect your organization’s web applications against cyberattacks, it is necessary to take a multidimensional approach. In this webinar, a panel of industry experts will discuss key measures that enterprises can take to mitigate web application security risks, including incorporating DevSecOps from design through implementation, usin...
Conference Paper
Full-text available
DevSecOps is a more than just getting security testing integrated into a pipeline and using the results to influence flow. Real success with DevSecOps comes when you are able to identify and measure critical aspects of your risks as well as your security controls and functions. It means that you have governance that enables and encourages the right...
Conference Paper
Full-text available
Application security is no longer an afterthought but a foremost. Application security is important because current applications are often available on various devices, networks and connected to the cloud, increasing vulnerabilities to threats and security breaches. There is a growing pressure and incentive not only to ensure security at the networ...
Conference Paper
Full-text available
Hackers are turning to AI and using it to weaponize malware and attacks to counter the advancements made in cybersecurity solutions. AI can be used to make operations more efficient and profitable. In identifying targets for attacks, cyber-criminals can start and cease attacks with millions of transactions in just minutes, because of fully-automate...
Conference Paper
Agenda and Key Takeaways: 1. Current state and analysis of important challenges in application and software security, DevSecOps and application security testing 2. How application and software security can be improved and what is the future 3. Paradigm shift in software security with data science, machine learning and AI 4. Glog.ai https://www.glo...
Conference Paper
Full-text available
In this webinar, the current state of application and software security, challenges that software development and security teams face, how the application and software security can be improved and what is the future. It’s estimated that 90 percent of security incidents result from attackers exploiting known software security vulnerabilities. Resol...
Poster
Full-text available
Cybersecurity and Software Security Solutions aided by ML and AI: Glog, INPRESEC, Security Predictions, vSOC.
Conference Paper
Full-text available
The team, led by INPRESEC initiator and founder Dragan Pleskonjic, works on research and development of the solution that predicts, prevents and detects security threats and attacks before they actually affect the live system , with demonstrable accuracy of approximately 99%. The solution utilizes Artificial Intelligence (AI), Machine Learning (M...
Conference Paper
This session will show how IBM Security AppScan Source lets IGT, a leading provider of lottery and gaming solutions, centrally manage software risk across its entire application portfolio, and how we use its capabilities to scan source code, triage, and eliminate vulnerabilities. We will highlight key aspects of IGT's automated AppScan Source workf...
Conference Paper
This presentation is focused on code analysis for security, processes, workflows, tools, automation as well as secure development champions roles. Presentation covers specific area of Static Application Security Testing (SAST) in details, integration in SDLC and implementation. It presents IFA (Intelligent Findings Analytic) and employing the machi...
Patent
While a player is playing one game on a gaming machine using a mobile gaming device, the systems and methods described herein recommend other games to the player based on the player's real time game play. An export data set is generated using parsing rules and used for recommendations. The game recommendations are provided to the mobile gaming devi...
Presentation
Invited speaker on topic: “Paradigm shift in Information Security and Privacy with Artificial Intelligence and Machine Learning” – INPRESEC. Link: https://idcitsecurity.com/belgrade/agenda/
Presentation
SecurePath 2018, Belgrade, March 27, 2018 Invited speaker on topic: “Paradigm shift in Information Security and Privacy with Artificial Intelligence and Machine Learning” – INPRESEC http://www.saga.rs/vesti-i-dogadaji/securepath-2018 http://www.saga.rs/vesti-i-dogadaji/treci-po-redu-securepath
Presentation
Artificial Intelligence (AI) Serbia Meetup #1 Invited speaker on topic: “Intelligent Predictive Security” – INPRESEC http://www.meetup.com/AI-Serbia-Meetup/events/245162855/
Presentation
Full-text available
Invited speaker on topic: “Intelligent Predictive Security” – INPRESEC, Belgrade, Hotel Hyatt Regency, Crystal hall, November 23, 2017 http://rsnog.rs/events/third-rsnog-conference/?lang=en http://rsnog.rs/wp-content/uploads/2017/12/RSNOG-03-04-Inteligentna-prediktivna-bezbednost.pdf
Presentation
The team, led by INPRESEC initiator Dragan Pleskonjic ( https://www.linkedin.com/in/draganpleskonjic/ ), developed a solution that predicts, prevents and detects security threats and attacks before they actually affect the live system, with demonstrable accuracy of approximately 99%. The solution utilizes Artificial Intelligence (AI), Machine Lear...
Presentation
Full-text available
Developers’ mDay 2017. Invited speaker on topic “Paradigm shift in Information Security and Privacy with Artificial Intelligence and Machine Learning” – INPRESEC, Belgrade, Serbia, September 24, 2017 http://www.mcloud.rs/blog/developers-mday-2017/ http://www.slideshare.net/mCloud-mDay/developers-mday-2017-dragan-pleskonji-adjunct-professor-802473...
Patent
A mobile gaming device may be a player's own personal tablet, smartphone, PDA, etc., with an application program installed via the internet for carrying out a remote gaming session. All gaming functions are carried out by a stationary gaming terminal communicating with the mobile device, such as by using WiFi. The mobile device operates as a user i...
Patent
A mobile gaming device may be a player's own personal tablet, smartphone, PDA, etc., with an application program installed via the internet for carrying out a remote gaming session. All gaming functions are carried out by a stationary gaming terminal communicating with the mobile device, such as by using WiFi. The mobile device operates as a user i...
Patent
While a player is playing one game on a gaming machine, the systems and methods described herein recommend other games to the player based on the player's real time game play, if the player is anonymous. Upon the player selecting a different game, the system may automatically transfers the player's credits between games or gaming machines. Each gam...
Patent
A mobile gaming device may be a player's own personal tablet, smartphone, PDA, etc., with an application program installed via the internet for carrying out a remote gaming session. All gaming functions are carried out by a stationary gaming terminal communicating with the mobile device, such as by using WiFi. The mobile device operates as a user i...
Patent
While a player is playing one game on a gaming machine, the systems and methods described herein recommend other games to the player based on the player's past gaming history, accessed via player registration, and the player's real time game play. Upon the player selecting a different game, the system may automatically transfers the player's credit...
Presentation
BISEC – 8th International Conference on Business Information Security BISEC’2016 Invited keynote speaker, topic: “Artificial Intelligence and Machine Learning for better Information Security & Privacy” – INPRESEC Panelist at Round Table: Critical infrastructure protection and Internet of Things http://bisec.metropolitan.ac.rs/successfully-held-bi...
Patent
A mobile gaming device may be a player's own personal tablet, smartphone, PDA, etc., with an application program installed via the internet for carrying out a remote gaming session. All gaming functions are carried out by a stationary gaming terminal communicating with the mobile device, such as by using WiFi or other wireless protocol. The mobile...
Patent
A mobile gaming device may be a player's own personal tablet, smartphone, PDA, etc., with an application program installed via the internet for carrying out a remote gaming session. All gaming functions are carried out by a stationary gaming terminal communicating with the mobile device, such as by using WiFi. The mobile device operates as a user i...
Patent
A mobile gaming device may be a player's own personal tablet, smartphone, PDA, etc., with an application program installed via the internet for carrying out a remote gaming session. All gaming functions are carried out by a stationary gaming terminal communicating with the mobile device, such as by using WiFi. The mobile device operates as a user i...
Article
Full-text available
This paper proposes a novel steganographic method which uses Discrete Wavelet Transformation (DWT) for hiding secret messages. The secret message is embedded in the QR Code. The QR Code carries a secret message, which is created by a GNU Privacy Guard (GPG), which is signed and encrypted by RSA keys.
Conference Paper
Full-text available
This paper presents a methodology for risk management developed and used mainly for critical infrastructures, but that can be generalized and used in other contexts. It outlines security risk assessment including identifying processes, resources / assets, threats and vulnerabilities, impacts and likelihood of failures. The methodology primary focus...
Conference Paper
Dragan Pleskonjic: “Location Based Services – Security and Privacy Aspects”, 6th Annual Telenor Security Conference GoToSec 2011, September 27-28, 2011, Belgrade
Conference Paper
Full-text available
U radu je prikazana analiza opšteg sigurnosnog modela sistema za upravljanje učenjem i formulisani su zahtevi koji se postavljaju pred odgovarajuće sigurnosne mehanizme. Obuhvaćeni su aspekti zaštite prateće softverske platforme. Primenjena je metodologija analize sigurnosnih rizika. Dat je pregled ugrađenih mehanizama u jednom od najpopularnijih L...
Book
Full-text available
“GNU/Linux sistemsko programiranje – priručnik za laboratorijske vežbe”, knjiga – udžbenik
Conference Paper
Full-text available
The main idea of this paper is to propose a new solution for a wireless intrusion detection prevention system (WIDPS). The proposed WIDPS has a high degree of autonomy in tracking suspicious activity and detecting positive intrusions. Our focus was the reduction of detected false positive intrusion by implementing adaptive self-learning neural net...
Article
Full-text available
This paper presents preview of the new book titled “Security of Computer Systems and Networks” (original in Serbian language “Sigurnost računarskih sistema i mreža”) – textbook for University lectures, but also a book that covers majority of important areas concerning current state of security. The book is the result of lecturing experience, resear...
Book
Full-text available
“UNIX arhitektura”, knjiga – udžbenik
Book
Full-text available
Nekada su se problemima sigurnosti računarskih sistema i mreža bavile vojska, diplomatija, policija i vlade. Sada to postaje problem svih koji obavljaju bankarske transakcije sa svog računa ili kupuju preko Interneta. Napadači imaju brojne prednosti, od kojih je najveća mogućnost iznenađenja, tj. mogućnost izbora vremena, mesta i načina napada. Lic...
Conference Paper
Full-text available
Sažetak - Ovaj rad se bavi analizom implementacija kriptografskih sistema datoteka na Linux operativnom sistemu. U radu smo analizirali prednosti i mane postojećih rešenja za šifrovanje sistema datoteka. Analiza obuhvata sledeće aspekte: degradiranje performansi, zadovoljenje osobina koje se očekuju od kriptografskih sistema datoteka i jednostavnos...
Conference Paper
Full-text available
Sadržaj - Ovaj rad predstavlja ispitivanje Linux kernela na ext3 sistemu datoteka. Rad uključuje komparaciju performansi najpopularnijih Linux sistema datoteka kao što je ext3 FS, podrazumevani Linux FS, pod dve različite verzije Linux kernela: verzija 2.6 protiv verzije 2.4. Performanse se mere korisćenjem Postmark benchmark programa, koji emulira...
Conference Paper
Full-text available
Sadržaj - Sistem sa javnim ključem može da se koristi u dve svrhe: šifriranje poruke javnim ključem primaoca radi sigurnosti, ili šifriranje poruke sa tajnim ključem pošiljaoca radi provere autentičnosti. Ako neki napadač ubedi korisnika da je lažni javni ključ povezan s pravim identitetom, onda napadač može lako da se maskira kao osoba s tim ident...
Book
Full-text available
“Sigurnost računarskih mreža”, knjiga – udžbenik. Raspoloživo za besplatno preuzimanje: https://www.dragan-pleskonjic.com/wp-content/uploads/2017/10/SRM.pdf
Book
Full-text available
“Sigurnost računarskih mreža – zbirka rešenih zadataka”, knjiga – udžbenik. Raspoloživo za besplatno preuzimanje: https://www.dragan-pleskonjic.com/wp-content/uploads/2017/10/SRM-zbirka.pdf
Book
Full-text available
“Sigurnost računarskih mreža – priručnik za laboratorijske vežbe”, knjiga – udžbenik. Raspoloživo za besplatno preuzimanje: https://www.dragan-pleskonjic.com/wp-content/uploads/2017/10/SRM-prirucnik.pdf
Conference Paper
Full-text available
This paper presents attempt to describe and categorize psychological profiles of network attackers and intruders. For long time ago, it was considered that most important aspect for providing security of computer networks and information systems is technical aspect and cryptography. But it has been recognized that even the best set of technical mec...
Presentation
Wireless networks are forecasted to expand rapidly. Tens or even hundreds millions of smart wireless devices are in use worldwide and that number increases. Today’s wireless networks are vulnerable in many ways (eavesdropping, illegal use, unauthorized access, denial of service attacks etc). These problems and concerns are one of main obstacles for...
Article
Full-text available
Wireless (Wi-Fi) networks based on IEEE 802.11 family of standards have been spreading its coverage last years and this trend is expected to grow. Every day more and more people use this type of networks to access Internet, company or other types of networks. Today’s wireless networks are vulnerable in many ways (rogue access points, hijacking sess...
Book
Full-text available
Prva knjiga na našem jeziku posvećena osnovnim teorijskim konceptima operativnih sistema i njihovoj vezi sa praksom. Knjiga uvodi čitaoce u osnove savremenih operativnih sistema, jasno definišući koncepte i algoritme korišćene pri projektovanju njihovih pojedinih delova. Može se reći da ova knjiga predstavlja pokušaj demistifikacije operativnih sis...
Book
Full-text available
“Operativni sistemi: zbirka rešenih zadataka”, knjiga – udžbenik
Book
Full-text available
“Operativni sistemi: koncepti”, knjiga – udžbenik
Book
Full-text available
“Operativni sistemi: UNIX i Linux”, knjiga – udžbenik Raspoloživo za besplatno preuzimanje: https://dragan-pleskonjic.com/wp-content/uploads/2017/01/os-unix-i-linux.pdf
Conference Paper
Full-text available
Dragan Pleskonjic, “Wireless Intrusion Detection Systems (WIDS)”, 19th Annual Computer Security Applications Conference, December 8-12, 2003, Las Vegas, Nevada, USA http://www.acsac.org/2003/case/thu-c-1330-Pleskonjic.pdf http://www.acsac.org/2003/thu.html http://www.acsac.org/2003/adv_pgm.pdf http://www.acsac.org/2003/wip.html
Patent
This is United States Patent Application. A method of installing hardware and corresponding software comprising the steps of initiating the installation process for a hardware element having corresponding software, monitoring the operating system for commands which require user intervention, analyzing the commands received from the operating system...
Conference Paper
Full-text available
This paper describes a development environment for generating System for Universal Network Connecting (SUNC). The development environment enables easy generation of program support and configuration/reconfiguration of SUNC. SUNC is based on a PC or RISC platform with network and communication adapters. It is used for interconnecting from two to eig...
Article
Full-text available
Conference Paper
Full-text available
Dragan Pleskonjić: "Modularni konvertor protokola", XXXVIII konferencija za elektroniku, telekomunikacije, računarstvo, automatiku i nuklearnu tehniku - ETRAN, Niš, jun 1994. LInk: https://www.etran.rs/common/archive/ETRAN_1955-2006/ET(R)AN_1955-2006/eTRAN/38.ETRAN.1994.3/Pleskonjic.D.ETRAN.1994.3.pdf
Conference Paper
Dragan Pleskonjić: “EDI usluge u složenom poslovnom sistemu”, Prva YU EDI konferencija, Brezovica, 26.-28. maj 1993.
Thesis
Dragan Pleskonjić: “Analiza kriptografskih metoda zaštite podataka”, magistarski rad, Elektrotehnički fakultet u Zagrebu, 1991.

Questions

Questions (22)
Question
What is next big thing in software security and application security? Have a look at Glog.ai project at https://www.glog.ai/. Also, check and YouTube video https://www.youtube.com/watch?v=FNQS9-bbmks
Question
Recent research found that 40% of code produced by GitHub Copilot is vulnerable to threats.
Security is the focus of the new scholarly paper, titled "An Empirical Cybersecurity Evaluation of GitHub Copilot's Code Contributions."
The scholarly paper joins another one titled "Evaluating Large Language Models Trained on Code" that studied security along with legal and other implications.
Have you used GitHub Copilot? What is your opinion about security of code generated by GitHub Copilot?
With our Glog project, we have goal to make software more secure. Glog project is focused on research and development of a solution that can give remediation advice for security vulnerabilities in software code based on context. Ultimate goal is auto-remediation of security vulnerabilities in software code. We are developing such a solution based on machine learning and AI. With this agility in software security should become a reality.
Hence, Glog solution is great tool to fix what Copilot did wrong in terms of security.
Link to project is https://www.glog.ai/.
Here on ResearchGate link is https://www.researchgate.net/project/GlogAI.
Question
If you are given task to develop solution which is able to automatically fix the security vulnerabilities in the source code, how you would approach it?
Have a look at https://www.glog.ai/.
One of our current research and development focuses is Glog R&D project.
Ultimate goal: Auto-remediation of security vulnerabilities in software code!
Question
Preparing to moderate panel on topic: Why Application Security is important?
Which questions would you ask panelists and what remarks you would suggest?
Question
What are different ways to implement business continuity to best overcome unpredictable events such as the COVID-19 pandemic?
Question
Have hackers already weaponized Artificial Intelligence and Machine Learning?
If you know examples, please share in reply. One example is Deepfakes.
Question
How do you identify a gifted and talented child? What type of activity or test you can do?
Can it be done remotely in current circumstances?

Network

Cited By