Global ETD Search

471	Revolve Analyzer : Development of racing data analysis software Møllersen, Lauritz, Stadheim, Per Øyvind January 2012 (has links) Contains prestudy within racing data analysis, detailed architecture of software for analysis and implementation details. ntnudaim:7400 MTDT datateknikk Program- og informasjonssystemer
472	AppSensor : Attack-aware applications compared against a web application firewall and an intrusion detection system Thomassen, Pål January 2012 (has links) The thesis takes a look at the OWASP AppSensor project. The OWASP AppSensor project is about the idea of detecting attacks inside the applicaiton. The thesis compares OWASP AppSensor against both a web application firewall and an intrusion detection system. The comparison is based both on a short litterature study and an experiment performed. The experiment was a set of attacks based on OWASP top ten list which were executed against a simple bank web application. In the experiment the intrusion detection systems, web application firewall and the AppSensor detection points inside the application was tested to see which attacks they where able to detect. The results were quite satisfying for both the web application firewall and AppSensor meanin that they detected many attacks but AppSensors detection was slightly better. ntnudaim:7161 MTDT datateknikk Program- og informasjonssystemer
473	CESAR - text vs. boilerplates : What is more effcient - requirements written as free text or using boilerplates (templates)? Johannessen, Vegard January 2012 (has links) The thesis is the first study in this area, and provides insight into the strenghts and weaknesses of boilerplates, as well as suggesting which areas need more research.The experiment performed during the project was carried out using students from the second grade of the Computer Science program from NTNU, and was held in an auditorium. Results were ambiguos. It is the researcher's opinion that these two factors influenced the results negatively. In order to get clearer answers about the quality of boilerplates as a requirements engineering method, it is neccessary to do a more real-life experiment, using more experienced test subject, and also using tools like DODT to create the requirements. ntnudaim:7752 MTDT datateknikk Program- og informasjonssystemer
474	An Investigation of Team Effectiveness in Agile Software Development Haraldsen, Lars Martin Riiser January 2012 (has links) Abstract Agile teamwork has been widely used and accepted in today's industry of software development. The methods in agile teamwork claim to improve performance and predictability, and has during the past years become the target for an emerging area of research. The majority of the existing studies concerning agile teamwork mainly focus around eXtreme Programming (XP). Abstract This report is one of few that discuss teamwork in software development having the agile methodology Scrum in the main focus. The report focus on teamwork and team effectiveness. It discuss existing literature concerning Scrum and teamwork as well as showing the results from an observed ethnographically informed study of an agile project. All findings, challenges and opportunities, are analyzed and compared to theories around teamwork. The primary literature used are case studies about Scrum conducted in the past five years. Some descriptive literature is also used to support my findings. Abstract My main results are that solid leadership and members willing to adapt are of great importance. I also found that working in a closed room together facilitates teamwork and can increase team effectivenes. My teamwork model and framework for this project might not be completely optimal for this specific observed project. Overall, I have found that Scrum can be hard to adapt to. However, the agile practices facilitates team effectiveness. In addition, my results show that Scrum guidelines support communication and adaptability.Abstract Ultimately, it is interesting to see what can be improved in agile methods and to what extent team effectiveness changes.Abstract Keywords: Agile development, Scrum, Teamwork, Team effectiveness, Team performance ntnudaim:8090 MTDT datateknikk Program- og informasjonssystemer
475	Empirically Based Design Guidelines for Gaze Interaction in Windows 7 Raudsandmoen, Håkon, Rødsjø, Børge January 2012 (has links) The purpose of this study has been to test the use of gaze interaction in common everyday computer tasks, with the intent to suggest design guidelines for gaze interaction in Microsoft Windows 7. This has been done by organizing a user test with fifteen participants, using a self-made gaze interactive software called Discovery and a Tobii X60 eye tracker.Five demo applications have been created within the Discovery software, all utilizing gaze interaction. They are customized to reflect five user test tasks; playing a video game, exploring a picture gallery, doing drag and drop operations, browsing a web page and interacting with different Microsoft Windows controls. The four types of controls tested are command buttons, links, check boxes and sliders. Both quantitative and qualitative data were gathered during the user test.Through a discussion of the test results, we were able to suggest ten specific design guidelines for gaze interaction. These covers both the tested controls, drag and drop operations, automatic scrolling as well as the use of head gestures. Additional findings indicate that gaze interaction is more suitable for passive tasks such as reading with automatic scrolling, than for more physical tasks like doing drag and drop operations. To support gaze interaction, we found that current software will either require a major redesign or to be used in a combination with other interaction styles.Eye tracking technology has improved over the last years, becoming increasingly affordable and accurate. Through this study we have seen that gaze interaction has much to offer everyday computing. By recommending fundamental design guidelines we hope to aid software developers and designers in the development of future gaze interactive systems. ntnudaim:7351 MTDT datateknikk Program- og informasjonssystemer
476	Rule Engine Eriksen, Øystein, Leite, Andreas Smogeli January 2007 (has links) This project is a study of the development of the Rule Engine, which is a validation system for quality assurance of product data used in the grocery business. The authors was asked by Cogitare AS to develop the Rule Engine. A system where users without programming skills can build rules and validate product data. The main quality attribute focus is robustness and user friendliness. A survey has been used by the authors to be able to explore if our objectives have been achieved and to identify further work. The questionnaire has been conducted on students and software developers. ntnudaim:3467 MTDT datateknikk Program- og informasjonssystemer
477	OpenVG: Benchmarking and artistic opportunities Chevillard, Brice January 2007 (has links) OpenVG is a new open standard for 2 dimensions vector graphics for handheld devices. This project, which is a master thesis and an internship, aims to study the standard itself deeply before to study the role it can play in the future of artistic content creation.We will see that under some few conditions, OpenVG has everything to fulfil its role in the market and to attract digital artists who would like to enlarge their creation field. But the major aim of the project is to develop a benchmark for both hardware and software implementations. And to achieve this goal, a study of the theory of performance evaluation is necessary. And after developing the benchmark, it is interesting to run some few tests to illustrate some principles enounced while studying performance evaluation. ntnudaim:3721 MTDT datateknikk Program- og informasjonssystemer
478	A generic and flexible Framework for focusing Search at Yahoo! Shopping Eriksen, Trond Øivind, Korsen, Anne Siri January 2006 (has links) <p>Information retrieval is concerned with extraction of documents from a collection, according to the user's information need. The ranking returned by a search engine is determined by the relevance function in use. The amount of information stored digitally and being searched for on the Web, grows every day. As the document bases grow, relevance has never been more important. There is a trend towards domain-specific search solutions, vertical search services, in the case of searching the Web. A vertical search service utilise semi-structured documents, i.e. documents which contain metadata describing the content. Semi-structured information retrieval is a hybrid between traditional information retrieval based on unstructured documents, and database retrieval based on structured content. Semi-structured documents imply the use of multiple criteria for how the returned documents should be ranked. This in turn arises questions like which criterion that is more important, and how to combine the results produced by the different criteria. This thesis addresses these challenges. We have studied relevance techniques for the purpose of identifying an approach to improving the perceived relevance at the Yahoo! vertical search platform, Vespa. In particular, Yahoo! Shopping has been the focus during problem elaboration, implementation, and evalution. A plug-in is implemented in Vespa, providing a generic and flexible framework for hybrid search. Our solution allows for context queries, i.e. queries that include terms that describe the desired context, with no specific knowledge about the query language or document structure needed. Also, keyword and context terms in a query is treated differently, using the context terms only for focusing the search. 5 experiments have been performed to test our proposed solution. The results indicate that: - A considerable improvement in retrieval performance is achieved for context queries. Much of the improvement is obtained by removing noisy hits from the result. - The solution performs almost similar as the standard approach for non-context queries. However, these queries will suffer from a higher latency. The latency depends on the complexity of the domain. Most search engines today either return thousands of answers to a user query, or, in about 20% of the cases, none. Our solution may provide as a solution to these challenges and thus improve the perceived relevance. It should be noted that the solution requires a reasonable labelling of the documents, in addition to training of the users in order to make them use context words in their queries. The preliminary experiment results are positive, but are influenced by a reference collection somewhat adapted to our solution, and should therefore be complemented with experiments based on a full system implementation and a well-defined reference collection. The first step is to choose an appropriate labelling scheme for how the semantics of the documents and queries should be captured. Next, it would be interesting to experiment with the ranking of the results. Finally, the user interface should be extended in order to guide the user when submitting context queries.</p> ntnudaim SIF2 datateknikk Program- og informasjonssystemer Komplekse datasystemer
479	Inputvalideringsbibliotek med integrering mot Eclipse / Input Validation Library with Eclipse Integration Moghal, Sahdia Fayyaz, Surnflødt, Torunn January 2009 (has links) <p>Validering av input er et sentralt emne innenfor sikker programvareutvikling. Det er spesielt viktig å validere inputfelter i applikasjoner som bruker input for å prosessere. En ondsinnet bruker kan fort utnytte slike felter. Det viktigste tiltaket for å sikre applikasjoner er tilstrekkelig kunnskap, da mangel på dette ofte resulterer i dårlig sikrede applikasjoner. Det ble i fordypningsprosjektet[33] kommet fram til at det eksisterer for dårlige rutiner blant IT-bedrifter når det kommer til sikkerhet. Utviklere har ikke nok kunnskap om området, og Internett blir stadig mer brukt til tjenester som innebærer sensitiv eller kritisk informasjon. Dette prosjektet tar for seg en rekke inputangrep og faren ved disse, og presenterer en rekke Security Patterner man kan bruke for å beskytte seg mot disse angrepene. Security Patternene beskriver problemet, setter det i en kontekst og gir forslag til løsninger som kan brukes i valideringen. I dette prosjektet er det fokusert på løsninger i form av regex, siden det er en effektiv metode for dette formålet. Alle Security Patternene er presentert i et bibliotek på en webside utviklet i dette prosjektet. Hensikten har vært å gi utviklere en felles kilde hvor de kan søke etter inputangrep, finne løsninger for å beskytte seg mot de og legge til egne forslag til løsninger hvis de ønsker det. Det er også laget en funksjon for at brukere skal kunne gi en positiv eller negativ tilbakemelding på bidragene. Dette vil gi en form for kvalitetssikring, og på sikt bidra til at biblioteket blir mer komplett. Biblioteket er utviklet med tanke på utviklere som ikke har mye kjennskap til inputangrep og regex, men er også egnet for mer erfarne brukere. Det er i tillegg til websiden utviklet en plugin for utviklingsverktøyet Eclipse, hvor man finner igjen Security Patternene fra websiden og en regexgenerator for å få hjelp til å generere egne regex. En appletversjon av generatoren er tilgjengelig på websiden for de som ikke benytter Eclipse. Prosjektet er testet både internt, eksternt av potensielle brukere og det er også sendt ut til bedrifter og mottatt tilbakemeldinger fra dem. Produktene ble sett på som nyttige og brukervennlige av testerne, men de ga også konstruktive tilbakemeldinger på hva som kunne forbedres både på brukervennlighet og funksjonalitet. Testresultatene ble analysert og det er blitt gjort en rekke forbedringer av systemet basert på analysen. I evalueringen er det blitt sett på positive og negative sider ved produktene, basert på egne erfaringer og synspunkter og testpersonenes tilbakemeldinger. Evalueringen har gitt en oversikt over en rekke områder som kan forbedres, både på websiden og i pluginen, og dette er beskrevet i kapittelet "videre arbeid" . Nøkkelord: Programvaresikkerhet, Inputvalidering, Regex, Plugin, Security Pattern.</p> ntnudaim SIF2 datateknikk Program- og informasjonssystemer Data- og informasjonsforvaltning
480	Intrusion Detection in High-Speed Networks Riegel, Martin, Walsø, Claes Lyth January 2007 (has links) <p>This thesis investigates methods for implementing an intrusion detection system (IDS) in a high-speed backbone network. The work presented in this report is run in cooperation with Kripos and Uninett. The popular IDS software, Snort, is deployed and tested in Uninett's backbone network. In addition, the monitoring API (MAPI) is considered as a possible IDS implementation in the same environment. The experiments conducted in this report make use of the programmable DAG card, which is a passive monitoring card deployed on several monitoring sensors in Uninett's backbone. As a limitation of the workload, this report only focuses on the detection of botnets. Botnets are networks consisting of infected computers, and are considered to be a significant threat on the Internet as of today. A total of seven experiments using Snort are presented. These experiments test 1) the impact the number of rules have on Snort, 2) the importance of good configuration, 3)the importance of using well written rules, 4) Snort's ability to run in an environment with minimum external traffic, 5) the impact the size of the processed packets have, 6) the impact the TCP protocol has on packet processing and 7) Snort's ability to run as a botnet detection system for a longer period of time. Based on the results from these experiments, it is concluded that Snort is able to run as a botnet detection system in a high-speed network. This report also discusses some strategies for handling high-speed network data and some future aspects. In addition, ideas for further work and research are given in the end of the report.</p> ntnudaim SIF2 datateknikk Program- og informasjonssystemer SIE7 kommunikasjonsteknologi Telematikk

Search results