Ferda Özdemir Sönmez

Ferda Özdemir Sönmez
Imperial College London | Imperial · Institute for Security Science and Technology

Doctor of Philosophy

About

22
Publications
4,226
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
30
Citations

Publications

Publications (22)
Article
Full-text available
Forming high quality requirements has a direct impact on project success. Gathering security requirements could be challenging, since it demands a multidisciplinary approach and security expertise. Security requirements repository enables an effective alternative for addressing this challenge. The main objective of this paper is to present the desi...
Article
Full-text available
Blockchain presents a novel technology for improving existing paradigms in a wide span of domains, including project management. In this paper, we first review the state of the art blockchain use cases in project management to reveal the current status of blockchain research and to identify the blockchain application domains in project management....
Chapter
Full-text available
Diener’s satisfaction with life scale, SWLS, is broadly used as a measure for estimating global life satisfaction in the literature. Despite the popularity of social media applications and numerous researches linking daily word usage to social sciences, none of the existing studies managed to identify solid negative and/or positive relations or any...
Article
Full-text available
As the number of web applications and the corresponding number and sophistication of the threats increases, creating new tools that are efficient and accessible becomes essential. Although there is much research concentrating on network security visualizations, there are only a few studies considering the web application vulnerabilities’ possible v...
Chapter
Security visualization has been an issue, and it continues to grow in many directions. In order to give sufficient security visualization designs, information both in many different aspects of visualization techniques and the security problems is required. More beneficial designs depend on decisions that include use cases covering security artifact...
Article
Types and complexity of information security related vulnerabilities are growing rapidly and present numerous challenges to the enterprises. One of the key challenges is to identify the optimal set of precautions with limited budget. Despite the fact that majority of enterprises have a budget constraint for installing and maintaining the protection...
Chapter
Diener’s satisfaction with life scale, SWLS, is broadly used as a measure for estimating global life satisfaction in the literature. Despite the popularity of social media applications and numerous researches linking daily word usage to social sciences, none of the existing studies managed to identify solid negative and/or positive relations or any...
Chapter
Full-text available
Although common vulnerabilities and exposures data (CVE) is commonly known and used to keep vulnerabil-ity descriptions. It lacks enough classifiers that increase its usability. This results in focusing on some well-known vulnerabilities and leaving others during the security tests. Better classification of this dataset would result in find-ing sol...
Chapter
This book chapter discusses the advantages of smart contracts for contract management by presenting a decentralized application for retention payment on the blockchain platform. The proposed smart contract application performs execution of retention clauses of a typical project contract by performing automated payment of retention immediately after...
Conference Paper
Information Security Governance Systems are not adequate to measure the effectiveness and efficiency of security tasks for the enterprises. Although some of the systems offer ways for measurement, they still need the definition of measurement objectives and metrics. This study proposes a conceptual framework mode which has human and tool/process re...
Conference Paper
The focus of this study is to find out repeatable features for large-scale enterprise web application production process related to based on OWASP security requirement list. As a result of a rigorous work including domain analysis for Java language and development frameworks and the examination of a large set of technical documents, 230 security qu...
Article
Full-text available
The focus of this study is to find out repeatable features for large-scale enterprise web application production process related to based on OWASP security requirement list. As a result of a rigorous work including domain analysis for Java language and development frameworks and the examination of a large set of technical documents, 230 security qu...
Article
Full-text available
Information Security Governance Systems are not adequate to measure the effectiveness and efficiency of security tasks for the enterprises. Although some of the systems offer ways for measurement, they still need the definition of measurement objectives and metrics. This study proposes a conceptual framework mode which has human and tool/process re...
Conference Paper
In order to find gaps or missing points in any domain, examination of the literature work is necessary and provides a good amount of information. Doing a requirement analysis on top of this literature search incorporating the domain experts is a convenient way to find out ideas to fill out the detected gaps. The security visualization domain has be...
Conference Paper
Security Information and Event Management Systems (SIEM) are generally very complex systems encapsulating a large number of functions with different behaviors. Visualization is a common way of data presentation in these systems along with other data presentation ways such as reporting, alerting, text messaging. However, generation of the visualizat...
Chapter
Security visualization has been an issue, and it continues to grow in many directions. In order to give sufficient security visualization designs, information both in many different aspects of visualization techniques and the security problems is required. More beneficial designs depend on decisions that include use cases covering security artifact...

Questions

Question (1)
Question
I made an analysis on some data using Dell's Statistica software. I am using this analysis in a scientific paper. Although data mining is not my primary topic I took Data Mining class before and have some knowledge. I know that data is either separated as %75 %25 (numbers may change) training and test parts or n fold cross validation is used to test the model performance. In Statistica SVM modeling prior to execution of model there are tabs to make configurations. In data sampling tab, I entered %75, %25 separation and in cross-validation tab, I entered 10 -fold cross validation. In the output, I see that the data was actually separated as training and test (model predictions are given for test values). There is also a cross-validation error. I will copy results below. I have difficulty in understanding and in the interpretation of this output. I hope someone who know better statistics compared to me and/or who is more experienced to this tools may explain how it works to me?
Support Vector machine results: SVM type: Regression type 1 (capacity=9.000, epsilon=0.100) Kernel type: Radial Basis Function (gamma=0.053) Number of support vectors = 705 (674 bounded) Cross-validation error = 0.244
Mean error squared = 1.830(Train), 0.193(Test), 1.267(Overall) S.D. ratio = 0.952(Train), 37076026627971.336(Test), 0.977(Overall) Correlation coefficient = 0.314(Train), -0.000(Test), 0.272(Overall)

Network

Cited By