\documentclass[11pt,twoside]{article}\makeatletter

\IfFileExists{xcolor.sty}%
  {\RequirePackage{xcolor}}%
  {\RequirePackage{color}}
\usepackage{colortbl}
\usepackage{wrapfig}
\usepackage{ifxetex}
\ifxetex
  \usepackage{fontspec}
  \usepackage{xunicode}
  \catcode`⃥=\active \def⃥{\textbackslash}
  \catcode`❴=\active \def❴{\{}
  \catcode`❵=\active \def❵{\}}
  \def\textJapanese{\fontspec{Noto Sans CJK JP}}
  \def\textChinese{\fontspec{Noto Sans CJK SC}}
  \def\textKorean{\fontspec{Noto Sans CJK KR}}
  \setmonofont{DejaVu Sans Mono}
  
\else
  \IfFileExists{utf8x.def}%
   {\usepackage[utf8x]{inputenc}
      \PrerenderUnicode{–}
    }%
   {\usepackage[utf8]{inputenc}}
  \usepackage[english]{babel}
  \usepackage[T1]{fontenc}
  \usepackage{float}
  \usepackage[]{ucs}
  \uc@dclc{8421}{default}{\textbackslash }
  \uc@dclc{10100}{default}{\{}
  \uc@dclc{10101}{default}{\}}
  \uc@dclc{8491}{default}{\AA{}}
  \uc@dclc{8239}{default}{\,}
  \uc@dclc{20154}{default}{ }
  \uc@dclc{10148}{default}{>}
  \def\textschwa{\rotatebox{-90}{e}}
  \def\textJapanese{}
  \def\textChinese{}
  \IfFileExists{tipa.sty}{\usepackage{tipa}}{}
\fi
\def\exampleFont{\ttfamily\small}
\DeclareTextSymbol{\textpi}{OML}{25}
\usepackage{relsize}
\RequirePackage{array}
\def\@testpach{\@chclass
 \ifnum \@lastchclass=6 \@ne \@chnum \@ne \else
  \ifnum \@lastchclass=7 5 \else
   \ifnum \@lastchclass=8 \tw@ \else
    \ifnum \@lastchclass=9 \thr@@
   \else \z@
   \ifnum \@lastchclass = 10 \else
   \edef\@nextchar{\expandafter\string\@nextchar}%
   \@chnum
   \if \@nextchar c\z@ \else
    \if \@nextchar l\@ne \else
     \if \@nextchar r\tw@ \else
   \z@ \@chclass
   \if\@nextchar |\@ne \else
    \if \@nextchar !6 \else
     \if \@nextchar @7 \else
      \if \@nextchar (8 \else
       \if \@nextchar )9 \else
  10
  \@chnum
  \if \@nextchar m\thr@@\else
   \if \@nextchar p4 \else
    \if \@nextchar b5 \else
   \z@ \@chclass \z@ \@preamerr \z@ \fi \fi \fi \fi
   \fi \fi  \fi  \fi  \fi  \fi  \fi \fi \fi \fi \fi \fi}
\gdef\arraybackslash{\let\\=\@arraycr}
\def\@textsubscript#1{{\m@th\ensuremath{_{\mbox{\fontsize\sf@size\z@#1}}}}}
\def\Panel#1#2#3#4{\multicolumn{#3}{){\columncolor{#2}}#4}{#1}}
\def\abbr{}
\def\corr{}
\def\expan{}
\def\gap{}
\def\orig{}
\def\reg{}
\def\ref{}
\def\sic{}
\def\persName{}\def\name{}
\def\placeName{}
\def\orgName{}
\def\textcal#1{{\fontspec{Lucida Calligraphy}#1}}
\def\textgothic#1{{\fontspec{Lucida Blackletter}#1}}
\def\textlarge#1{{\large #1}}
\def\textoverbar#1{\ensuremath{\overline{#1}}}
\def\textquoted#1{‘#1’}
\def\textsmall#1{{\small #1}}
\def\textsubscript#1{\@textsubscript{\selectfont#1}}
\def\textxi{\ensuremath{\xi}}
\def\titlem{\itshape}
\newenvironment{biblfree}{}{\ifvmode\par\fi }
\newenvironment{bibl}{}{}
\newenvironment{byline}{\vskip6pt\itshape\fontsize{16pt}{18pt}\selectfont}{\par }
\newenvironment{citbibl}{}{\ifvmode\par\fi }
\newenvironment{docAuthor}{\ifvmode\vskip4pt\fontsize{16pt}{18pt}\selectfont\fi\itshape}{\ifvmode\par\fi }
\newenvironment{docDate}{}{\ifvmode\par\fi }
\newenvironment{docImprint}{\vskip 6pt}{\ifvmode\par\fi }
\newenvironment{docTitle}{\vskip6pt\bfseries\fontsize{22pt}{25pt}\selectfont}{\par }
\newenvironment{msHead}{\vskip 6pt}{\par}
\newenvironment{msItem}{\vskip 6pt}{\par}
\newenvironment{rubric}{}{}
\newenvironment{titlePart}{}{\par }

\newcolumntype{L}[1]{){\raggedright\arraybackslash}p{#1}}
\newcolumntype{C}[1]{){\centering\arraybackslash}p{#1}}
\newcolumntype{R}[1]{){\raggedleft\arraybackslash}p{#1}}
\newcolumntype{P}[1]{){\arraybackslash}p{#1}}
\newcolumntype{B}[1]{){\arraybackslash}b{#1}}
\newcolumntype{M}[1]{){\arraybackslash}m{#1}}
\definecolor{label}{gray}{0.75}
\def\unusedattribute#1{\sout{\textcolor{label}{#1}}}
\DeclareRobustCommand*{\xref}{\hyper@normalise\xref@}
\def\xref@#1#2{\hyper@linkurl{#2}{#1}}
\begingroup
\catcode`\_=\active
\gdef_#1{\ensuremath{\sb{\mathrm{#1}}}}
\endgroup
\mathcode`\_=\string"8000
\catcode`\_=12\relax

\usepackage[a4paper,twoside,lmargin=1in,rmargin=1in,tmargin=1in,bmargin=1in,marginparwidth=0.75in]{geometry}
\usepackage{framed}

\definecolor{shadecolor}{gray}{0.95}
\usepackage{longtable}
\usepackage[normalem]{ulem}
\usepackage{fancyvrb}
\usepackage{fancyhdr}
\usepackage{graphicx}
\usepackage{marginnote}

\renewcommand{\@cite}[1]{#1}


\renewcommand*{\marginfont}{\itshape\footnotesize}

\def\Gin@extensions{.pdf,.png,.jpg,.mps,.tif}

  \pagestyle{fancy}

\usepackage[pdftitle={Neuro-Fuzzy based Software Risk Estimation Tool},
 pdfauthor={}]{hyperref}
\hyperbaseurl{}

	 \paperwidth210mm
	 \paperheight297mm
              
\def\@pnumwidth{1.55em}
\def\@tocrmarg {2.55em}
\def\@dotsep{4.5}
\setcounter{tocdepth}{3}
\clubpenalty=8000
\emergencystretch 3em
\hbadness=4000
\hyphenpenalty=400
\pretolerance=750
\tolerance=2000
\vbadness=4000
\widowpenalty=10000

\renewcommand\section{\@startsection {section}{1}{\z@}%
     {-1.75ex \@plus -0.5ex \@minus -.2ex}%
     {0.5ex \@plus .2ex}%
     {\reset@font\Large\bfseries}}
\renewcommand\subsection{\@startsection{subsection}{2}{\z@}%
     {-1.75ex\@plus -0.5ex \@minus- .2ex}%
     {0.5ex \@plus .2ex}%
     {\reset@font\Large}}
\renewcommand\subsubsection{\@startsection{subsubsection}{3}{\z@}%
     {-1.5ex\@plus -0.35ex \@minus -.2ex}%
     {0.5ex \@plus .2ex}%
     {\reset@font\large}}
\renewcommand\paragraph{\@startsection{paragraph}{4}{\z@}%
     {-1ex \@plus-0.35ex \@minus -0.2ex}%
     {0.5ex \@plus .2ex}%
     {\reset@font\normalsize}}
\renewcommand\subparagraph{\@startsection{subparagraph}{5}{\parindent}%
     {1.5ex \@plus1ex \@minus .2ex}%
     {-1em}%
     {\reset@font\normalsize\bfseries}}


\def\l@section#1#2{\addpenalty{\@secpenalty} \addvspace{1.0em plus 1pt}
 \@tempdima 1.5em \begingroup
 \parindent \z@ \rightskip \@pnumwidth 
 \parfillskip -\@pnumwidth 
 \bfseries \leavevmode #1\hfil \hbox to\@pnumwidth{\hss #2}\par
 \endgroup}
\def\l@subsection{\@dottedtocline{2}{1.5em}{2.3em}}
\def\l@subsubsection{\@dottedtocline{3}{3.8em}{3.2em}}
\def\l@paragraph{\@dottedtocline{4}{7.0em}{4.1em}}
\def\l@subparagraph{\@dottedtocline{5}{10em}{5em}}
\@ifundefined{c@section}{\newcounter{section}}{}
\@ifundefined{c@chapter}{\newcounter{chapter}}{}
\newif\if@mainmatter 
\@mainmattertrue
\def\chaptername{Chapter}
\def\frontmatter{%
  \pagenumbering{roman}
  \def\thechapter{\@roman\c@chapter}
  \def\theHchapter{\roman{chapter}}
  \def\thesection{\@roman\c@section}
  \def\theHsection{\roman{section}}
  \def\@chapapp{}%
}
\def\mainmatter{%
  \cleardoublepage
  \def\thechapter{\@arabic\c@chapter}
  \setcounter{chapter}{0}
  \setcounter{section}{0}
  \pagenumbering{arabic}
  \setcounter{secnumdepth}{6}
  \def\@chapapp{\chaptername}%
  \def\theHchapter{\arabic{chapter}}
  \def\thesection{\@arabic\c@section}
  \def\theHsection{\arabic{section}}
}
\def\backmatter{%
  \cleardoublepage
  \setcounter{chapter}{0}
  \setcounter{section}{0}
  \setcounter{secnumdepth}{2}
  \def\@chapapp{\appendixname}%
  \def\thechapter{\@Alph\c@chapter}
  \def\theHchapter{\Alph{chapter}}
  \appendix
}
\newenvironment{bibitemlist}[1]{%
   \list{\@biblabel{\@arabic\c@enumiv}}%
       {\settowidth\labelwidth{\@biblabel{#1}}%
        \leftmargin\labelwidth
        \advance\leftmargin\labelsep
        \@openbib@code
        \usecounter{enumiv}%
        \let\p@enumiv\@empty
        \renewcommand\theenumiv{\@arabic\c@enumiv}%
	}%
  \sloppy
  \clubpenalty4000
  \@clubpenalty \clubpenalty
  \widowpenalty4000%
  \sfcode`\.\@m}%
  {\def\@noitemerr
    {\@latex@warning{Empty `bibitemlist' environment}}%
    \endlist}

\def\tableofcontents{\section*{\contentsname}\@starttoc{toc}}
\parskip0pt
\parindent1em
\def\Panel#1#2#3#4{\multicolumn{#3}{){\columncolor{#2}}#4}{#1}}
\newenvironment{reflist}{%
  \begin{raggedright}\begin{list}{}
  {%
   \setlength{\topsep}{0pt}%
   \setlength{\rightmargin}{0.25in}%
   \setlength{\itemsep}{0pt}%
   \setlength{\itemindent}{0pt}%
   \setlength{\parskip}{0pt}%
   \setlength{\parsep}{2pt}%
   \def\makelabel##1{\itshape ##1}}%
  }
  {\end{list}\end{raggedright}}
\newenvironment{sansreflist}{%
  \begin{raggedright}\begin{list}{}
  {%
   \setlength{\topsep}{0pt}%
   \setlength{\rightmargin}{0.25in}%
   \setlength{\itemindent}{0pt}%
   \setlength{\parskip}{0pt}%
   \setlength{\itemsep}{0pt}%
   \setlength{\parsep}{2pt}%
   \def\makelabel##1{\upshape ##1}}%
  }
  {\end{list}\end{raggedright}}
\newenvironment{specHead}[2]%
 {\vspace{20pt}\hrule\vspace{10pt}%
  \phantomsection\label{#1}\markright{#2}%

  \pdfbookmark[2]{#2}{#1}%
  \hspace{-0.75in}{\bfseries\fontsize{16pt}{18pt}\selectfont#2}%
  }{}
      \def\TheFullDate{2013-01-15 (revised: 15 January 2013)}
\def\TheID{\makeatother }
\def\TheDate{2013-01-15}
\title{Neuro-Fuzzy based Software Risk Estimation Tool}
\author{}\makeatletter 
\makeatletter
\newcommand*{\cleartoleftpage}{%
  \clearpage
    \if@twoside
    \ifodd\c@page
      \hbox{}\newpage
      \if@twocolumn
        \hbox{}\newpage
      \fi
    \fi
  \fi
}
\makeatother
\makeatletter
\thispagestyle{empty}
\markright{\@title}\markboth{\@title}{\@author}
\renewcommand\small{\@setfontsize\small{9pt}{11pt}\abovedisplayskip 8.5\p@ plus3\p@ minus4\p@
\belowdisplayskip \abovedisplayskip
\abovedisplayshortskip \z@ plus2\p@
\belowdisplayshortskip 4\p@ plus2\p@ minus2\p@
\def\@listi{\leftmargin\leftmargini
               \topsep 2\p@ plus1\p@ minus1\p@
               \parsep 2\p@ plus\p@ minus\p@
               \itemsep 1pt}
}
\makeatother
\fvset{frame=single,numberblanklines=false,xleftmargin=5mm,xrightmargin=5mm}
\fancyhf{} 
\setlength{\headheight}{14pt}
\fancyhead[LE]{\bfseries\leftmark} 
\fancyhead[RO]{\bfseries\rightmark} 
\fancyfoot[RO]{}
\fancyfoot[CO]{\thepage}
\fancyfoot[LO]{\TheID}
\fancyfoot[LE]{}
\fancyfoot[CE]{\thepage}
\fancyfoot[RE]{\TheID}
\hypersetup{citebordercolor=0.75 0.75 0.75,linkbordercolor=0.75 0.75 0.75,urlbordercolor=0.75 0.75 0.75,bookmarksnumbered=true}
\fancypagestyle{plain}{\fancyhead{}\renewcommand{\headrulewidth}{0pt}}

\date{}
\usepackage{authblk}

\providecommand{\keywords}[1]
{
\footnotesize
  \textbf{\textit{Index terms---}} #1
}

\usepackage{graphicx,xcolor}
\definecolor{GJBlue}{HTML}{273B81}
\definecolor{GJLightBlue}{HTML}{0A9DD9}
\definecolor{GJMediumGrey}{HTML}{6D6E70}
\definecolor{GJLightGrey}{HTML}{929497} 

\renewenvironment{abstract}{%
   \setlength{\parindent}{0pt}\raggedright
   \textcolor{GJMediumGrey}{\rule{\textwidth}{2pt}}
   \vskip16pt
   \textcolor{GJBlue}{\large\bfseries\abstractname\space}
}{%   
   \vskip8pt
   \textcolor{GJMediumGrey}{\rule{\textwidth}{2pt}}
   \vskip16pt
}

\usepackage[absolute,overlay]{textpos}

\makeatother 
      \usepackage{lineno}
      \linenumbers
      
\begin{document}

             \author[1]{Pooja  Rani}

             \author[2]{Dalwinder Singh  Salaria}

             \affil[1]{  Lovely Professional University}

\renewcommand\Authands{ and }

\date{\small \em Received: 11 December 2012 Accepted: 31 December 2012 Published: 15 January 2013}

\maketitle


\begin{abstract}
        


To develop the secure software is one of the major concerns in the software industry. To make the easier task of finding and fixing the security flaws, software developers should integrate the security at all stages of Software Development Life Cycle (SDLC).In this paper, based on Neuro- Fuzzy approach software Risk Prediction tool is created. Firstly Fuzzy Inference system is created and then Neural Network based three different training algorithms: BR (Bayesian Regulation), BP (Back propagation) and LM (Levenberg-Marquardt) are used to train the neural network. From the results it is conclude that for the Software Risk Estimation, BR (Bayesian Regulation) performs better and also achieves the greater accuracy than other algorithms.

\end{abstract}


\keywords{software security, software threat, neural network, fuzzy logic, neuro-fuzzy.}

\begin{textblock*}{18cm}(1cm,1cm) % {block width} (coords) 
\textcolor{GJBlue}{\LARGE Global Journals \LaTeX\ JournalKaleidoscope\texttrademark}
\end{textblock*}

\begin{textblock*}{18cm}(1.4cm,1.5cm) % {block width} (coords) 
\textcolor{GJBlue}{\footnotesize \\ Artificial Intelligence formulated this projection for compatibility purposes from the original article published at Global Journals. However, this technology is currently in beta. \emph{Therefore, kindly ignore odd layouts, missed formulae, text, tables, or figures.}}
\end{textblock*}


\let\tabcellsep& 	 	 		 
\section[{Introduction}]{Introduction}\par
oftware systems are being used in every area to perform the different kind of activities all over the world. Due to the rapid growth of internet, technology advancement and the extensively usage of software systems results in security threats that are increasing day by day. So security becomes important concern to be considered. Threat can be any undesired event that is having potential to harm the system. Software Threat Modeling is an approach that deals with the identification, mitigation and prioritization of attacks that have to address. To predict the model for software threats, there are number of techniques like: Statistical techniques, Neural Network, Genetic Algorithm, Support Vector Machine, Fuzzy Logic and hybrid approaches: Neural Network with Genetic Algorithm, Neural Network with Support Vector Machine and Neuro-Fuzzy are being used .As it is fact that each technique has their own pros and cons. It cannot be say that one technique can overcome the limitations of all other techniques. But from the past research work, its find that the hybrid approaches provide more level of accuracy than the individual approaches.\par
Author ? : Student, Department of CSE Lovely Professional University Phagwara, Punjab -144411. E-mail : erpoojapuri88@gmail.com Author ? : Assistant Professor, CSE Dept Lovely Professional University Phagwara, Punjab -144411. E-mail : ds\textunderscore salaria@yahoo.com II. 
\section[{Review of Literature}]{Review of Literature}\par
For Software threat prediction, various statistical approaches as well as advanced approaches are introduced in different areas where Software systems are being used. For Cyber Threat, Cyber threat trend analysis model is proposed using Hidden Markov Model (HMM), to forecast the Cyber threat trend. HMM is a tool in which hidden state is determined .After comparison with existing techniques, the proposed model provides accurate results \hyperref[b0]{[1]}. MERIT workshop and training programs are conducted for effective training about insider threat awareness. Insider threats are those undesired events that are performed by the legitimate users \hyperref[b1]{[2]}. Threat Analysis and Modeling (TAM) tool is used to identify the threats and evaluate the risks. This process is useful in business applications \hyperref[b2]{[3]}. To identify the most critical large system threats, Cyber Threat Tree is implemented as directed graph known as Multiple Valued Decision Diagram (MDD). Cyber Threat Markup Language (Cyma) is used for cyber threat tree representation. Multiple Valued Logic function is used to represent the threat states and their interdepend -ence \hyperref[b3]{[4]}.\par
In the area of Software Security, to identify the security vulnerabilities in software systems and to show the sequential events that occur during an attack, Regular expression based attack patterns are created. Identification of vulnerabilities is done via matching sequence of components that trigger an event during an attack \hyperref[b4]{[5]}. Threat Mitigation, Monitoring and Management Plan (TMMMP) approach is discussed to identify the threats, to monitor the remedial measures and to deal with management plans in case of failure of remedial measures. It uses Defense In Depth (DID) strategy for threat mitigation and risk management associated with threats \hyperref[b5]{[6]}. To identify the security flaws at early stages of software development life cycle, Extended Model Driven Architecture (MDA) approach is introduced with quantitative security assessment model. It will provide the feedback at every stage of software development life cycle \hyperref[b7]{[7]}. To prioritize the identified threats, Common Vulnerability Scoring system (CVSS) based Risk ranking Tool is used. This tool converts Yes/ No values into numerical values and then calculates the risk score using CVSS. It helps to software developer by answering the impact and exploitability of threats \hyperref[b8]{[8]}. To overcome the limitation i.e. identification of effects by new security threats and to developing proper countermeasures, two kind of security patterns are introduced i.e. Software Requirement Patterns (SRPs) and Software Design Patterns (SDPs). To identify the threats Software Requirement Patterns (SRPs) are used. Software Design Patterns (SDPs) are used for the identification of remedial measures against identified threats \hyperref[b9]{[9]}.\par
In the Networked organizations, to enhance the security by prioritizing threats and vulnerabilities, a new methodology is proposed that integrates threat modeling with formal threat analysis. This method is divided into three phases: Threat modeling, asset mapping and mitigation plan that enable the system to identify, quantify the threats and vulnerabilities \hyperref[b10]{[10]}. For identification of threats in networked organizations, a new approach is introduced that provides reliability statistics to defense analyst to identify the top node in the network. It is useful to identify the top threats in networked organizations \hyperref[b11]{[11]}. Now a day's modern technique Neural Network is emerged. It is also used to model the software threats. For an intrusion detection system, user behavior modeling approach is introduced that use the neural algorithm and provides better results than existing results \hyperref[b12]{[12]}. With the use of hybrid approach i.e. Neural network and support vector machine, Intrusion detection system is constructed. It is observed that the performance of this hybrid approach is superior and deliver accurate results \hyperref[b13]{[13]}. As we know new intrusions are introduced day by day, so there is need to update the new rules to intrusion detection systems. To meet this requirement, a new intrusion detection system is presented with Genetic algorithm approach \hyperref[b14]{[14]}.\par
To model the real world risk scenarios, risk analysis modeling is introduced that uses fuzzy logic technique. Fuzzy logic model the vagueness in natural way. Thus it provides the accurate recommendations \hyperref[b16]{[15]}. For electronic commerce development, web based Fuzzy Decision Support System (FDSS) is introduced. This will help to identify electronic ecommerce risk factors \hyperref[b17]{[16]}. With the use of fuzzy logic secure software system (SSS) approach is introduced. It will help to avert the failed state of the system \hyperref[b18]{[17]}.\par
For the development of marketing strategy, hybrid intelligent system is developed with the combined approach of Neural Network, Fuzzy Logic and expert system. For the settlement of marketing strategy, this hybrid system is useful to produce intelligent advice \hyperref[b19]{[18]}.\par
Neural fuzzy scheme is proposed for the development of Direction of arrival (DOA) estimation algorithm by Self-constructing Neural fuzzy Inference Network (SONFIN). The performance of this newly developed algorithm is superior than RBFN \hyperref[b20]{[19]}. To calibrate the conversion ratios for backfiring technique, accuracy is achieved for software size estimation \hyperref[b21]{[20]}. To make the decision about Distributed Intrusion Prediction and Prevention system (DIPPS) , a model named Hierarchical Neuro-Fuzzy Online Risk Assessment(HiNFRA) using Neuro-fuzzy approach is introduced. This model by using Neuro-fuzzy approach results in more robustness and better performance \hyperref[b22]{[21]}. 
\section[{III. Neuro-Fuzzy Risk Prediction Model}]{III. Neuro-Fuzzy Risk Prediction Model}\par
For the prediction of risk, Neuro-Fuzzy approach is used in this paper. Because the combination of Neural Network and Fuzzy Logic results in such hybrid intelligent system that is having learning ability to optimize its parameters with the use of neural network and to represent the knowledge in an interpretable manner, with the use of Fuzzy System. The hybrid Neuro-Fuzzy technique is well suitable to those areas or applications, where the interpretation and interaction of user is required. Neuro-Fuzzy approach provides more accurate results than other existing hybrid techniques. 
\section[{a) Fuzzy Inference System}]{a) Fuzzy Inference System}\par
Fuzzy Inference System is based on the concept of Fuzzy set, If Then Rules and Defuzzification. In this paper, MATLAB Fuzzy toolbox that is Graphical User Interface tool used to build the Fuzzy Inference System. To determine how Neuro-Fuzzy approach can be applied to evaluate the Software risk, some of the software factors that affect the security vulnerability are considered. These risk factors are abstracted from \hyperref[b23]{[22]} [23] \hyperref[b25]{[24]}. Regarding these input attributes, Corresponding security vulnerability output in the form of Low, Medium, High, Very Low and Very High are obtained from Software industry experts in from of surveys. The total 17 input risk attributes includes the following.  C calibrated model is generated by using neuro-fuzzy approach. From this model, it is concluded that higher 17. Wrong Functions, Properties and UI(User Interface) Development.\par
i. Fuzzification Fuzzification is the process to describe the input parameters through linguistic variables with meaning like 'Low','High','Medium','Very Low' and 'Very High'. Fuzzy sets are representation of input parameters. These sets are represented by Membership Functions. Input parameters are represents by Zmf (Z-shaped built-in membership function). Similarly, Output parameters are represented by Gauss (Gaussian curve built-in membership function). 
\section[{ii. Rule Evaluation}]{ii. Rule Evaluation}\par
The total 137 if-then rules are generated after the creation of input output fuzzy sets and Membership functions. In the rules 'T' means "True" and representing value 1 and 'F' means "False" and representing value 0. The rules created in rule base of Fuzzy Inference System (FIS) are represented in the following format:\par
If(Fault/Changing Requirements is 'T') and (Lack of user Co-operation is 'F') and (Poor Project Planning is 'T') and (Poor Project management and Resource Estimation is 'F') and (Undefined Project Milestones is 'T') and (Personnel Shortfalls is 'F') and (Insufficiently Trained Team Members is 'T') and (Lack of Specialization is 'F') and (Inexperienced Project Manager is 'T') and (Schedule variation is 'F') and (Budget variation is 'T') and (Deviation From Software Requirements is 'F') and (Shortfalls in Externally Furnished Components is 'T') and(Shortfalls in Externally Performed Tasks is 'F') and (Limitations on Real Time Performance Activities or Tasks is 'T') and (Computer Science Difficulties is 'F') and (Wrong Functions, Properties and UI Development is 'T').   Back propagation (triangdx) is a learning algorithm means it learns from many inputs for desired output. It is very simple. It does not require any specialization. But the Limitation of this algorithm is that its having low prediction capabilities. Due to low prediction capabilities, it does not provide accurate results.\par
Bayesian Regulation (Trainbr) is advanced method. This algorithm is more suitable for those    
\section[{Results and Comparison}]{Results and Comparison}\par
Neural Network is trained with three different algorithms: BR, BPA \& LM and outputs are obtained. From the table 1. The comparison among three different algorithms can be seen. In the table 17 inputs parameters are used and corresponding Security vulnerability output is computed for BR, BP and LM algorithms. The comparison shows that BR provides the better results than BP and LM algorithms. The results provides by BR are accurate where as BP and LM are over fitting the values for the same dataset.\par
The table1: Summarizes the results achieved by these three different algorithms over the same dataset. Some short terms are used in the table for input parameters are as follows.   
\section[{Conlcusion}]{Conlcusion}\par
Software Risk Prediction is one of the most important tasks for the development of secure and reliable system. It should be preferred that during the early stages of software development life cycle to find and fix the security flaws. Neuro-fuzzy approach based risk prediction tool is developed using MATLAB. After creation of Fuzzy Inference System, Neural Network is trained with three different algorithms using 'trianbr', 'traingdx' and 'trainlm'. From the results it is concluded that BR algorithm performs better than other algorithms. With the use of BR algorithm better accuracy level is achieved then other algorithms. \begin{figure}[htbp]
\noindent\textbf{}\includegraphics[]{image-2.png}
\caption{\label{fig_0}C}\end{figure}
 \begin{figure}[htbp]
\noindent\textbf{}\includegraphics[]{image-3.png}
\caption{\label{fig_2}}\end{figure}
 \begin{figure}[htbp]
\noindent\textbf{1}\includegraphics[]{image-4.png}
\caption{\label{fig_3}Figure 1 :}\end{figure}
 \begin{figure}[htbp]
\noindent\textbf{2}\includegraphics[]{image-5.png}
\caption{\label{fig_4}Figure 2 :}\end{figure}
 \begin{figure}[htbp]
\noindent\textbf{}\includegraphics[]{image-6.png}
\caption{\label{fig_5}C}\end{figure}
 \begin{figure}[htbp]
\noindent\textbf{3}\includegraphics[]{image-7.png}
\caption{\label{fig_6}Figure 3 :}\end{figure}
 \begin{figure}[htbp]
\noindent\textbf{45}\includegraphics[]{image-8.png}
\caption{\label{fig_7}Figure 4 :Figure 5 :}\end{figure}
  			\footnote{© 2013 Global Journals Inc. (US)} 		 		\backmatter  			  				\begin{bibitemlist}{1}
\bibitem[Debar et al. (1992)]{b12}\label{b12} 	 		‘A neural network component for an intrusion detection system’.  		 			H Debar 		,  		 			M Becker 		,  		 			D Siboni 		.  	 	 		\textit{Research in Security and Privacy, 1992. Proceedings. 1992 IEEE Computer Society Symposium on},  				1992. May. IEEE. p. .  	 
\bibitem[Gong et al. (2005)]{b14}\label{b14} 	 		‘A software implementation of a genetic algorithm based approach to network intrusion detection’.  		 			R H Gong 		,  		 			M Zulkernine 		,  		 			P Abolmaesumi 		.  	 	 		\textit{Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, 2005 and First ACIS International Workshop on Self-Assembling Wireless Networks},  				2005. May.  	 
\bibitem[Gandotra et al. (2010)]{b18}\label{b18} 	 		‘A step towards secure software system using fuzzy logic’.  		 			V Gandotra 		,  		 			A Singhal 		,  		 			P Bedi 		.  	 	 		\textit{Computer Engineering and Technology (ICCET), 2010 2nd International Conference on},  				2010. April. IEEE. 1 p. .  	 
\bibitem[Stango et al. (2009)]{b10}\label{b10} 	 		‘A threat analysis methodology for security evaluation and enhancement planning’.  		 			A Stango 		,  		 			N R Prasad 		,  		 			D M Kyriazanos 		.  	 	 		\textit{Emerging Security Information, Systems and Technologies, 2009. SECURWARE'09. Third International Conference on},  				2009. June. IEEE. p. .  	 
\bibitem[Hu et al. (2010)]{b24}\label{b24} 	 		‘A unified intelligent model for software project risk analysis and planning’.  		 			Y Hu 		,  		 			X Zhang 		,  		 			X Sun 		,  		 			J Zhang 		,  		 			J Du 		,  		 			J Zhao 		.  	 	 		\textit{Information Management, Innovation Management and Industrial Engineering (ICIII), 2010 International Conference on},  				2010. November. IEEE. 4 p. .  	 
\bibitem[ARTCom'09. International Conference on]{b6}\label{b6} 	 		\textit{ARTCom'09. International Conference on},  				IEEE. p. .  	 
\bibitem[Wong et al. ()]{b21}\label{b21} 	 		‘Calibrating function point backfiring conversion ratios using neuro-fuzzy technique’.  		 			J Wong 		,  		 			D Ho 		,  		 			L F Capretz 		.  	 	 		\textit{International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems}  		2008. 16  (06)  p. .  	 
\bibitem[Greitzer et al. ()]{b1}\label{b1} 	 		‘Combating the insider cyber threat’.  		 			Frank L Greitzer 		,  		 			P Andrew 		,  		 			Dawn M Moore 		,  		 			Dee H Cappelli 		,  		 			Lynn A Andrews 		,  		 			Thomas D Carroll 		,  		 			Hull 		.  	 	 		\textit{Security \& Privacy, IEEE}  		2008. 6  (1)  p. .  	 
\bibitem[Ongsakorn et al. (2010)]{b3}\label{b3} 	 		‘Cyber threat trees for large system threat cataloging and analysis’.  		 			P Ongsakorn 		,  		 			K Turney 		,  		 			M Thornton 		,  		 			S Nair 		,  		 			S Szygenda 		,  		 			T Manikas 		.  	 	 		\textit{Systems Conference},  				2010. April. 2010. IEEE. p. .  	 	 (4th Annual IEEE) 
\bibitem[Dhillon ()]{b8}\label{b8} 	 		‘Developer-Driven Threat Modeling: Lessons Learned in the Trenches’.  		 			Danny Dhillon 		.  	 	 		\textit{Security \& Privacy, IEEE}  		2011. 9  (4)  p. .  	 
\bibitem[Shieh and Lin ()]{b20}\label{b20} 	 		‘Direction of arrival estimation based on phase differences using neural fuzzy network. Antennas and Propagation’.  		 			C S Shieh 		,  		 			C T Lin 		.  	 	 		\textit{IEEE Transactions on}  		2000. 48  (7)  p. .  	 
\bibitem[Okubo et al. (2011)]{b9}\label{b9} 	 		‘Effective security impact analysis with patterns for software enhancement’.  		 			T Okubo 		,  		 			H Kaiya 		,  		 			N Yoshioka 		.  	 	 		\textit{Availability, Reliability and Security (ARES)},  				2011. August. 2011. IEEE. p. .  	 	 (Sixth International Conference on) 
\bibitem[Tang and Shen (2009)]{b7}\label{b7} 	 		‘Extending Model Driven Architecture with Software Security Assessment’.  		 			X Tang 		,  		 			B Shen 		.  	 	 		\textit{Secure Software Integration and Reliability Improvement},  				2009. July. 2009. 2009. IEEE. p. .  	 	 (Third IEEE International Conference on) 
\bibitem[Ngai and Wat ()]{b17}\label{b17} 	 		‘Fuzzy decision support system for risk analysis in e-commerce development’.  		 			E W T Ngai 		,  		 			F K T Wat 		.  	 	 		\textit{Decision support systems}  		2005. 40  (2)  p. .  	 
\bibitem[Bragina and Tabunshchyk (2011)]{b25}\label{b25} 	 		‘Fuzzy model for the software projects design risk analysis’.  		 			T Bragina 		,  		 			G Tabunshchyk 		.  	 	 		\textit{CAD Systems in Microelectronics (CADSM), 2011 11th International Conference. The Experience of Designing and Application of},  				2011. February. IEEE. p. .  	 
\bibitem[Haslum et al. (2008)]{b16}\label{b16} 	 		‘Hinfra: Hierarchical neuro-fuzzy learning for online risk assessment’.  		 			K Haslum 		,  		 			A Abraham 		,  		 			S Knapskog 		.  	 	 		\textit{Modeling \& Simulation, 2008. AICMS 08. Second Asia International Conference on},  				2008. May. IEEE. p. .  	 
\bibitem[Haslum et al. (2008)]{b22}\label{b22} 	 		‘Hinfra: Hierarchical neuro-fuzzy learning for online risk assessment’.  		 			K Haslum 		,  		 			A Abraham 		,  		 			S Knapskog 		.  	 	 		\textit{Modeling \& Simulation, 2008. AICMS 08. Second Asia International Conference on},  				2008. May. ieee. p. .  	 
\bibitem[Frantz and Carley (2009)]{b11}\label{b11} 	 		‘Information assurances and threat identification in networked organizations’.  		 			T L Frantz 		,  		 			K M Carley 		.  	 	 		\textit{Computational Intelligence for Security and Defense Applications},  				2009. July. 2009. IEEE. p. .  	 	 (CISDA 2009. IEEE Symposium on) 
\bibitem[Mukkamala et al. ()]{b13}\label{b13} 	 		‘Intrusion detection using neural networks and support vector machines’.  		 			S Mukkamala 		,  		 			G Janoski 		,  		 			A Sung 		.  	 	 		\textit{Neural Networks, 2002. IJCNN'02. Proceedings of the 2002 International Joint Conference on},  				2002. IEEE. 2 p. .  	 
\bibitem[Lee et al. (2007)]{b0}\label{b0} 	 		 			T Lee 		,  		 			S O Jung 		,  		 			H P In 		,  		 			H J Lee 		.  		\textit{Cyber Threat Trend Analysis Model Using HMM. In Information Assurance and Security},  				2007. August. 2007. 2007. IEEE. p. .  	 	 (Third International Symposium on) 
\bibitem[Gegick and Williams ()]{b4}\label{b4} 	 		‘Matching attack patterns to security vulnerabilities in softwareintensive system designs’.  		 			Michael Gegick 		,  		 			Laurie Williams 		.  	 	 		\textit{ACM SIGSOFT Software Engineering Notes},  				2005. ACM. 30 p. .  	 
\bibitem[Snpd/Sawn ()]{b15}\label{b15} 	 		 			Snpd/Sawn 		.  		\textit{Sixth International Conference on},  				2005. IEEE. p. .  	 
\bibitem[Boehm ()]{b23}\label{b23} 	 		\textit{Software risk management: principles and practices. Software},  		 			B W Boehm 		.  		1991. IEEE. 8 p. .  	 
\bibitem[Li ()]{b19}\label{b19} 	 		‘The development of a hybrid intelligent system for developing marketing strategy’.  		 			S Li 		.  	 	 		\textit{Decision Support Systems}  		2000. 27  (4)  p. .  	 
\bibitem[Gandotra et al. (2009)]{b5}\label{b5} 	 		‘Threat mitigation, monitoring and management plan-A new approach in risk management’.  		 			V Gandotra 		,  		 			A Singhal 		,  		 			P Bedi 		.  	 	 		\textit{Advances in Recent Technologies in Communication and Computing},  				2009. October. 2009.  	 
\bibitem[Ingalsbe et al. ()]{b2}\label{b2} 	 		‘Threat modeling: diving into the deep end’.  		 			Jeffrey A Ingalsbe 		,  		 			Louis Kunimatsu 		,  		 			Tim Baeten 		,  		 			Nancy R Mead 		.  	 	 		\textit{Software, IEEE}  		2008. 25  (1)  p. .  	 
\end{bibitemlist}
 			 		 	 
\end{document}
