Global ETD Search

31	Jämförelse av statiska kodanalysverktyg : En fallstudie om statiska kodanalysverktygs förmåga att hitta sårbarheter i kod / Comparison of static code analysis tools: A case study of static code analysis tools ability to find code vulnerabilities Holmberg, Anna January 2020 (has links) Security deficiencies that occur in web applications can have major consequences. PHP is a language that is often used for web applications and it places high demands on how the language is used to ensure it is safe. There are several features in PHP that should be handled with care to avoid security flaws. Static code analysis can help find vulnerabilities in code, but there are some drawbacks that can occur with static code analysis tools. One disadvantage is false positives which means that the tool reports vulnerabilities that do not exist. There are also false negatives which means the tool cannot find the vulnerability at all which can lead to a false sense of security for the user of the tool. With the help of completed test cases, three tools have been investigated in a case study to find out if the tools differ in their ability to avoid false positives and false negatives. The study also examines whether the tools' rules consider the PHP language's vulnerable functions. To answer the research question, a document collection was conducted to obtain information about the tools and various vulnerabilities. The purpose of this study is to compare the ability of static code analysis tools to find PHP code vulnerabilities. The tools that were investigated were SonarQube, Visual Code Grepper (VCG) and Exakat. The study's analysis shows that VCG found the most vulnerabilities but failed to avoid false positive vulnerabilities. Exakat had zero false positives but could not avoid false negatives to the same extent as VCG. SonarQube avoided all false positives but did not find any of the vulnerabilities tested in the test cases. According to the rules of the tools, VCG had more consideration for the risky functions found in PHP. The study's results show that the tools' ability to avoid false positives and false negatives differed and their adaptation to the PHP language's vulnerable functions. / Säkerhetsbrister som förekommer i webbapplikationer kan leda till stora konsekvenser. PHP är ett språk som ofta används för webbapplikationer och det ställer höga krav på hur språket används för att det ska vara säkert. Det finns flera funktioner i PHP som bör hanteras varsamt för att inte säkerhetsbrister ska uppstå. Statisk kodanalys kan hjälpa till med att hitta sårbarheter i kod men det finns vissa nackdelar som kan uppkomma med statiska kodanalysverktyg. En nackdel är falska positiva vilket betyder att verktyget rapporterar in sårbarheter som inte finns. Det finns också falska negativa som betyder att verktyget inte hittar sårbarheten alls vilket kan leda till en falsk trygghetskänsla för användaren av verktyget. Med hjälp av färdiga testfall så har tre verktyg utretts i en fallstudie för att ta reda på om verktygen skiljer sig i sin förmåga till att undvika falska positiva och falska negativa. Studien undersöker också om verktygens regler tar PHP-språkets sårbara funktioner i beaktning. För att kunna besvara forskningsfrågan har en dokumentsinsamling genomförts för att få information om verktygen och olika sårbarheter. Studiens syfte är att jämföra statiska kodanalysverktygs förmåga att hitta sårbarheter i PHP-kod. De verktyg som utreddes var SonarQube, Visual Code Grepper (VCG) och Exakat. Studiens analys visar att VCG hittade mest sårbarheter men lyckades inte undvika falska positiva sårbarheter. Exakat hade noll falska positiva men kunde inte undvika falska negativa i lika stor utsträckning som VCG. SonarQube undvek alla falska positiva men hittade inte någon av de sårbarheter som testades i testfallen. Enligt verktygens regler visade sig VCG ta mest hänsyn till de riskfyllda funktioner som finns i PHP. Studiens resultat visar att verktygens förmåga att undvika falska positiva och falska negativa och deras anpassning för PHP språkets sårbara funktioner skiljde sig åt. static code analysis software tools software vulnerabilities PHP false positives false negatives Statisk kodanalys mjukvaruverktyg programvarusårbarheter PHP falska positiva falska negativa Social Sciences Interdisciplinary
32	Определение эффективных подгрупп в социальной группе на основе применения методологии анализа социальных сетей (SNA-методологии) : магистерская диссертация / Detection of effective subgroups in a social group on the basis of SNA-methodology implementation Муравьев, А. А., Muravyov, A. A. January 2020 (has links) В магистерской диссертации производится сравнительный анализ четырех программных инструментов, которые поддерживают методологию анализа социальных сетей (SNA - методологию), и могут быть использованы для решения задачи формирования эффективных команд. В терминах SNA-методологии это есть поиск подгрупп в социальной группе. Приводится описание наиболее известных алгоритмов кластеризации, а также уровень поддержки этих алгоритмов существующими программными инструментами. В результате определяется наиболее эффективный алгоритм и наиболее удобный программный инструмент для решения данной задачи. / In the master's dissertation, a comparative analysis of four software tools is carried out. These tools support the methodology of analysis of social networks (SNA-methodology) and which could be used for effective teams building. In terms of the SNA-methodology, this is a kind of subgroup search in a social group. Description of the most popular clustering algorithms is delivered, as well as the level of support of these algorithms with software tools is under discussion. As a result, the most effective clustering algorithm and the most usable software tool for solving this problem are determined. ИНСТРУМЕНТАЛЬНОЕ ПО СЕТЕВОЙ ПОДХОД КЛАСТЕРНЫЙ АНАЛИЗ КОМАНДА MASTER'S THESIS SNA-METHODOLOGY SOFTWARE TOOLS NETWORK APPROACH CLUSTER ANALYSIS TEAM
33	Естимација потрошње енергије вишејезгарних наменских апликација / Estimacija potrošnje energije višejezgarnih namenskih aplikacija / Energy consumption estimation for embedded multicore applicationsLanguage Krunić Momčilo 07 February 2017 (has links) <p>Докторска тема описује и анализира развој алата за профилисање и естимацију потрошње енергије наменских апликација. Апликације о којима је реч се развијају за вишејезгарну хетерогену платформу пројектовану са нагласком на ниској потрошњи енергије. Истраживање се односи на изналажење могућности прецизне процене количине енергије коју конзумира наменска DSP аппликација приликом обраде улазног сигнала. Резултат истраживања је израда прецизаног модела потрошње енергије који омогућује директну спрегу између програмског решења које се развија и количине енергије потребне за његово извршавање. Основни циљ истраживања је развој енергетски ефикасних програмских решења. Модел представљен у овом раду остварује зависност између утрошка енергије и програмског решења на инструкционом нивоу. Тестирањем модела кроз реалне апликације је остварена прецизна процена утрошене енергије.</p> / <p>Doktorska tema opisuje i analizira razvoj alata za profilisanje i estimaciju potrošnje energije namenskih aplikacija. Aplikacije o kojima je reč se razvijaju za višejezgarnu heterogenu platformu projektovanu sa naglaskom na niskoj potrošnji energije. Istraživanje se odnosi na iznalaženje mogućnosti precizne procene količine energije koju konzumira namenska DSP applikacija prilikom obrade ulaznog signala. Rezultat istraživanja je izrada precizanog modela potrošnje energije koji omogućuje direktnu spregu između programskog rešenja koje se razvija i količine energije potrebne za njegovo izvršavanje. Osnovni cilj istraživanja je razvoj energetski efikasnih programskih rešenja. Model predstavljen u ovom radu ostvaruje zavisnost između utroška energije i programskog rešenja na instrukcionom nivou. Testiranjem modela kroz realne aplikacije je ostvarena precizna procena utrošene energije.</p> / <p>PhD thesis describes and analyzes an approach to the development of the<br />tool for energy consumption profiling and estimation of embedded<br />applications aimed for multi-core heterogeneous platform designed with an<br />emphasis on low power consumption. The main purpose of this study was to<br />enable prediction of the amount of energy consumed by embedded DSP<br />application, when processing the input signal. The primary goal was to obtain<br />a precise model of energy consumption that will establish a direct link<br />between program solutions and the amount of energy required for its<br />execution, in order to develop energy-efficient software solutions. The model<br />presented in this paper achieves link between energy consumption and<br />program solutions at instructional level. The solution was tested against a<br />real applications and it has been established that prediction of consumed<br />energy have a high degree of accuracy.</p>
34	Прилог аутоматској паралелизацији секвенцијалног машинског кода / Prilog automatskoj paralelizaciji sekvencijalnog mašinskog koda / An approach to automatic parallelization of sequential machine code Marinković Vladimir 24 September 2018 (has links) <p>Докторска теза анализира подршку за вишејезгарне и многојезгарне системе у циљу повећања искоришћења њихове снаге. Предмет истраживања је проналажење решења које би без уплитања програмера (аутоматски) паралелизовало постојеће секвенцијалне програме на бинарном нивоу који се извршавају на једном језгру (или процесору). Резултат истраживања је израда решења и алата за паралелизацију секвенцијалног машинког кода, који самостално стварају програме који се извршавају паралелно на више језгара вишејезгарног процесора, и тиме постижу балансирано оптерећење процесора. Основни циљ је добијање убрзања извршења програмског кода на вишејезгарном процесору ради омогућавања рада у реланом времену за задата ограничења. Добијено решење би се могло искористити и за смањење потрошње смањивањем радног такта процесора уз задржавање полазног времена извршења програма.</p> / <p>Doktorska teza analizira podršku za višejezgarne i mnogojezgarne sisteme u cilju povećanja iskorišćenja njihove snage. Predmet istraživanja je pronalaženje rešenja koje bi bez uplitanja programera (automatski) paralelizovalo postojeće sekvencijalne programe na binarnom nivou koji se izvršavaju na jednom jezgru (ili procesoru). Rezultat istraživanja je izrada rešenja i alata za paralelizaciju sekvencijalnog mašinkog koda, koji samostalno stvaraju programe koji se izvršavaju paralelno na više jezgara višejezgarnog procesora, i time postižu balansirano opterećenje procesora. Osnovni cilj je dobijanje ubrzanja izvršenja programskog koda na višejezgarnom procesoru radi omogućavanja rada u relanom vremenu za zadata ograničenja. Dobijeno rešenje bi se moglo iskoristiti i za smanjenje potrošnje smanjivanjem radnog takta procesora uz zadržavanje polaznog vremena izvršenja programa.</p> / <p>PhD thesis analyzes a support for multicore and manycore systems in terms<br />of better processing power utilization. Purpose of this study is finding a<br />solution for automatic parallelization of existing sequential code which<br />executes on single core (or processor), at the binary level. The research<br />intents to develop a solution and tools for parallelization of the sequential<br />machine code, which can create a program running simultaneously on all the<br />cores of the multi-core processor, and for achieving optimal load-balancing.<br />The primary goal is obtaining execution speedup of the program running on<br />the multicore processor, for meeting real-time processing constraints. Given<br />solution could be also used for energy saving, by lowering system clock and<br />keeping program execution runtime.</p>
35	Datová kvalita, integrita a konsolidace dat v BI / Data quality, data integrity and consolidation of data in BI Dražil, Michal January 2008 (has links) This thesis deals with the areas of enterprise data quality, data integrity and data consolidation from the perspective of Business Intelligence (BI), which is currently experiencing significant growth. The aim of this thesis is to provide a comprehensive view of the data quality in terms of BI, to analyze problems in the area of data quality control and to propose options to address them. Moreover, the thesis aims to analyze and assess the features of specialized software tools for data quality. Last but not least aim of this thesis is to identify the critical success factors in the field of data quality in CRM and BI projects. The thesis is divided into two parts. The first (theoretical) part deals with data quality, data integrity and consolidation of data in relation to BI trying to identify key issues, which are related to these areas. The second (practical) part of the thesis deals at first with the features of software tools for data quality and offers their fundamental summary as well as the tools breakdown. This part also provides basic comparison of the few selected software products specialized at the corporate data quality assurance. The practical part hereafter describes addressing the data quality within the specific BI/CRM project conducted by Clever Decision Ltd. This thesis is intended primarily for BI and data quality experts, as well as the others who are interested in these disciplines. The main contribution of this thesis is that it provides comprehensive view not only of data quality itself, but also deals with the issues that are directly related to the corporate data quality assurance. This thesis can serve as a sort of guidance for one of the first implementation phases in the BI projects, which deals with the data integration, data consolidation and solving problems in the area of data quality.
36	Nebezpečí chemického terorismu v podmínkách České republiky / Danger of Chemical Terrorism in the Czech Republic Novotná, Martina January 2012 (has links) Based on the literature review was mapped situation of chemical terrorism in the Czech Republic. In the introductory part of the thesis mentioned characteristics and the distribution to terrorism, is focused specifically on the chemical, which is carried out by chemical weapons. It is the setting between the so-called weapons of mass destruction. To address the proper and timely handling of emergencies such as use of the Integrated Rescue System software tools that help to model the vehicle in a situation where there is some way to leak chemicals. In this work were selected 2 software – ALOHA and TerEx. According to the resulting values were selected substance that could be considered dangerous, so most libely diverted to terrorist attack. In conclusion, it was pointed out the hazard assessment of industrial chemicals, and was advised to prepare the content and scope of the threat of chemical attack.
37	Ανάπτυξη λογισμικών επεξεργασίας και ανάλυσης γεωφυσικών δεδομένων. Εφαρμογές στον Κορινθιακό κόλπο, στο Αιγαίο και στο Ιόνιο πέλαγος / Developing software tools for the processing and analysis of marine geophysical data. Applications to the Gulf of Corinth, the Aegean and the Ionean sea Φακίρης, Ηλίας 28 February 2013 (has links) Η παρούσα διδακτορική διατριβή αποτελεί ένα συνδυαστικό ερευνητικό προϊόν που στοιχειοθετείται από την ανάπτυξη υπολογιστικών εργαλείων επεξεργασίας και ανάλυσης θαλάσσιων γεωφυσικών δεδομένων και την εφαρμογή τους σε πρωτογενή δεδομένα, συλλεγμένα από το Εργαστήριο Θαλάσσιας Γεωλογίας και Φυσικής Ωκεανογραφίας (Ε.ΘΑ.ΓΕ.Φ.Ω) του πανεπιστημίου Πατρών, κατά το διάστημα 2005 – 2011. Τα πεδία στα οποία συγκεντρώνεται το κέντρο βάρους της διατριβής είναι: 1) τα συστήματα ακουστικής ταξινόμησης πυθμένα και 2) η χαρτογράφηση και παραμετροποίηση εμφανίσεων των πολύ σημαντικών θαλάσσιων ενδιαιτημάτων της Ποσειδώνιας και των κοραλλιογενών σχηματισμών στο Ιόνιο και στο Αιγαίο πέλαγος. Έτσι αναπτύχθηκαν και παρουσιάστηκαν εκτενώς τα λογισμικά εργαλεία SonarClass και TargAn, που αναφέρονται αντίστοιχα στην αυτόματη ακουστική ταξινόμηση πυθμένα και την παραμετροποίηση περιοχών ενδιαφέροντος σε εικόνες ηχοβολιστών ευρείας σάρωσης και εφαρμόστηκαν για την χαρτογράφηση λειμώνων ποσειδώνιας στη Ζάκυνθο και κοραλλιογενών σχηματισμών (τραγάνας) στις Κυκλάδες νήσους. Παράλληλα και επεκτείνοντας το εύρος των ερευνητικών προϊόντων αυτής της διατριβής, αναπτύχθηκαν επίσης: 1) το λογισμικό SBP-Im-An για τη γεωαναφορά και ψηφιοποίηση παλαιών αναλογικών καταγραφών τομογράφων υποδομής πυθμένα, 2) το λογισμικό χωροστάθμησης θαλάσσιων γεωμαγνητικών δεδομένων MagLevel και 3) το λογισμικό ποσοτικοποίησης αλιευτικών ιχνών σε δεδομένα ηχοβολιστών ευρείας σάρωσης PgStat, με αντίστοιχες σημαντικές εφαρμογές σε πρωτογενή δεδομένα. Η παρούσα διατριβή επιδεικνύει πρωτοτυπία τόσο σε επίπεδο ανάπτυξης νέων μεθόδων ανάλυσης και επεξεργασίας γεωφυσικών δεδομένων όσο και σε επίπεδο παρουσίασης εφαρμογών τους σε περιοχές μελέτης με ιδιαίτερο περιβαλλοντικό ενδιαφέρον αλλά και σε πεδία έρευνας για τα οποία το ενδιαφέρον της σύγχρονης θαλάσσιας επιστημονικής κοινότητας βρίσκεται στο απόγειό του. / The present PhD thesis is a combinational research product concerning the development of software tools for the processing and analysis of marine geophysical data and their application to original data, collected by the Laboratory of Marine Geology and Physical Oceanography (L.M.G.P.O), university of Patras, Greece, during the period 2005-2011. The fields that this thesis focuses on are: 1) the Acoustic Seabed Classification Systems and 2) the mapping and quantification of very important marine habitats that specifically are the Posidonia Oceanica Prairies and the Coralline formations in the Aegean and Ionian seas. The software tools SonarClass and TargAn, that respectively refer to the Acoustic Seabed Classification and the quantification of Regions Of Interest in swath sonar imagery are presented and applied to the cases of Posidonia Oceanica in Zakinthos Isl. (Ionian Sea) and Coralline formations in Cyclades Isl. (Aegean Sea). Additionally and extending the range of the research products of this thesis, other software tools that are presented are: 1) the SBP-Im-An for the recreation (georeferencing and digitization) of old analog Sub Bottom Profiler recordings, 2) the MagLevel for the tie line leveling of marine geomagnetic data and 3) the PGStat for the quantification of trawl marks in swath sonar imagery, all of them with significant applications to original data. This thesis demonstrates originality due to both the development of new methods for the analysis and processing of marine geophysical data and the applications to study areas with particular environmental interest and research fields for which the attention of the marine scientists is at its peak. Λογισμικά εργαλεία Ταξινόμηση εικόνας Ανάλυση υφής Λειμώνες Ποσειδωνίας Αιγαίο πέλαγος Ιόνιο πέλαγος Κορινθιακός κόλπος 551.468 Marine geoacoustics Software tools Image classification Texture analysis Side scan sonars Marine magnetometers Subbotom profilers Coralline formations Posidonia Oceanica prairies Habitat mapping Aegean sea Ionean sea Gulf of Corinth Matlab

Page generated in 0.0603 seconds