Návrh a implementace informačního systému pro podporu plánování projektů ve firmě / Design and Implementation of Information System for Project Planning Support in the Company

Tichý, Ľuboš

January 2018

This thesis deals with the design and implementation of a web application, which is created for project planning support, building up schedules and human resource management. This is related to a project planning in a specific company, which is dealing with web and marketing solutions. This thesis describes theoretical bases, analysis of a company, design and implementation of the web application, its evaluation and propositions, what includes expansion of functionality of existing information system of the company.

Study on the highly reliable and secure data management system under weak ICT environment by blockchain technology / ブロックチェーン技術を用いた貧弱なICT環境下での高信頼・高セキュアデータ管理システムの研究 / ブロックチェーン ギジュツ オ モチイタ ヒンジャクナ ICT カンキョウカ デノ コウシンライ コウセキュア データ カンリ システム ノ ケンキュウ

Ragouguelaba Agoda-Koussema

22 March 2022

本論文はブロックチェーン技術を用いた，貧弱な情報通信(ICT)環境下での高信頼なデータ管理システムの設計と実装について述べたものである．住民データ管理システムの構築において最も重要な点の一つが，データの信頼性である．データを電子化して記録するときには，特にデータの改ざんが大きな課題になる．従ってデータの改ざんが起こらないこと，少なくとも改ざんされたことを検知することが必須となる．そこで着目したのがブロックチェーン技術である．ブロックチェーンの本質は，改ざんが原理的には不可能ではないが実質的には極めて困難な追記型データベース技術である．そこでその特性を利用して，信頼性の高い住民情報管理用のデータベースを構築できると考えた． / This study investigates the design and implementation of data management system with high level reliability and security by blockchain technology. The data access environment provided by blockchain is highly secure and trustworthy. In blockchain system, some data fragments are grouped into one piece called as blocks, and all blocks are connected to create a chain of blocks in database. When blocks are connected, hash value is used to connect blocks properly. Blockchain technology enables highly secure and reliable data management system under relatively poor ICT environment. For example, developing countries such as African countries do not have sufficient ICT environment. Therefore adopting blockchain technology is suitable for such countries. Based on this consideration, we started to build data management system on the blockchain system. / 博士(工学) / Doctor of Philosophy in Engineering / 同志社大学 / Doshisha University

Blockchain

Resident Record Management

Database

Web Application

Evaluating the effectiveness of web application testing techniques using automated tools

Alrashed, Weaam

January 2018

The heterogeneous structure and dynamic nature of web applications have made the testing procedure a challenge. Producing high-quality web applications can be performed by conducting appropriate testing techniques. As a result, several white-box and session-based testing techniques have been proposed in the literature. In this work, the performance and effectiveness of these testing techniques are evaluated in terms of fault detection on a simulated PHP online bookstore. The testing techniques are examined with the use of PHPUnit, xDebug and Selenium automated testing tools. We believe that combining the testing techniques with appropriate automated testing tools (PHPUnit and Selenium) can be effective in terms of fault detection and time spent to construct and run test cases on PHP web applications. The results show that some testing techniques are preferred. We also identify categories of faults that are amenable to detection by each of the techniques, as well as categories of faults that are difficult to detect by any of the techniques. Moreover, using the automated tools has helped in automating the conduct of the tests and in reducing the time required to perform them. / Thesis / Master of Applied Science (MASc)

LIDS: An Extended LSTM Based Web Intrusion Detection System With Active and Distributed Learning

Sagayam, Arul Thileeban

24 May 2021

Intrusion detection systems are an integral part of web application security. As Internet use continues to increase, the demand for fast, accurate intrusion detection systems has grown. Various IDSs like Snort, Zeek, Solarwinds SEM, and Sleuth9, detect malicious intent based on existing patterns of attack. While these systems are widely deployed, there are limitations with their approach, and anomaly-based IDSs that classify baseline behavior and trigger on deviations were developed to address their shortcomings. Existing anomaly-based IDSs have limitations that are typical of any machine learning system, including high false-positive rates, a lack of clear infrastructure for deployment, the requirement for data to be centralized, and an inability to add modules tailored to specific organizational threats. To address these shortcomings, our work proposes a system that is distributed in nature, can actively learn and uses experts to improve accuracy. Our results indicate that the integrated system can operate independently as a holistic system while maintaining an accuracy of 99.03%, a false positive rate of 0.5%, and speed of processing 160,000 packets per second for an average system. / Master of Science / Intrusion detection systems are an integral part of web application security. The task of an intrusion detection system is to identify attacks on web applications. As Internet use continues to increase, the demand for fast, accurate intrusion detection systems has grown. Various IDSs like Snort, Zeek, Solarwinds SEM, and Sleuth9, detect malicious intent based on existing attack patterns. While these systems are widely deployed, there are limitations with their approach, and anomaly-based IDSs that learn a system's baseline behavior and trigger on deviations were developed to address their shortcomings. Existing anomaly-based IDSs have limitations that are typical of any machine learning system, including high false-positive rates, a lack of clear infrastructure for deployment, the requirement for data to be centralized, and an inability to add modules tailored to specific organizational threats. To address these shortcomings, our work proposes a system that is distributed in nature, can actively learn and uses experts to improve accuracy. Our results indicate that the integrated system can operate independently as a holistic system while maintaining an accuracy of 99.03%, a false positive rate of 0.5%, and speed of processing 160,000 packets per second for an average system.

IDS

Distributed active learning

Web application security

CodeWorkout: Design and Implementation of an Online Drill-and-Practice System for Introductory Programming

Panamalai Murali, Krishnan

14 June 2016

The massive rise in Computer Science enrollments in both traditional classroom courses and in Massively Open Online Courses (MOOCs) shows the enormous opportunities in engaging students to learn programming. While the number of students in CS courses continues to increase, there has been no concomitant increase in the number of instructors for such courses. This leads to a completely lopsided learning environment where the already-stretched instructor is pressed to spend more time on ancillary tasks like grading and course bookkeeping. CodeWorkout is an online drill-and-practice system with course management features that aims to address these issues. CodeWorkout hosts an online repository of programming questions that instructors can incorporate into their courses. It also provides instructors with a facility to create their own programming questions so that exercises can be tailored according to the needs of the class. CodeWorkout has an open gradual engagement model that allows students who are not enrolled in a course to use it. CodeWorkout also creates an open environment for instructors to collaborate by sharing exercises that they create. CodeWorkout has been used in four courses at Virginia Tech. It has been shown to significantly improve the student's skills in introductory programming through providing a number of online practice questions. / Master of Science

drill-and-practice

educational technology

web application

Using a Web Server Test Bed to Analyze the Limitations of Web Application Vulnerability Scanners

Shelly, David Andrew

17 September 2010

The threat of cyber attacks due to improper security is a real and evolving danger. Corporate and personal data is breached and lost because of web application vulnerabilities thousands of times every year. The large number of cyber attacks can partially be attributed to the fact that web application vulnerability scanners are not used by web site administrators to scan for flaws. Web application vulnerability scanners are tools that can be used by network administrators and security experts to help prevent and detect vulnerabilities such as SQL injection, buffer overflows, cross-site scripting, malicious file execution, and session hijacking. However, these tools have been found to have flaws and limitations as well. Research has shown that web application vulnerability scanners are not capable of always detecting vulnerabilities and attack vectors, and do not give effective measurements of web application security. This research presents a method to analyze the flaws and limitations of several of the most popular commercial and free/open-source web application scanners by using a secure and insecure version of a custom-built web application. Using this described method, key improvements that should be made to web application scanner techniques to reduce the number of false-positive and false-negative results are proposed. / Master of Science

Vulnerability Detection

Web Application Scanners

Web Application Security

Black Box Testing

M-crawler: Crawling Rich Internet Applications Using Menu Meta-model

Choudhary, Suryakant

27 July 2012

Web applications have come a long way both in terms of adoption to provide information and services and in terms of the technologies to develop them. With the emergence of richer and more advanced technologies such as Ajax, web applications have become more interactive, responsive and user friendly. These applications, often called Rich Internet Applications (RIAs) changed the traditional web applications in two primary ways: Dynamic manipulation of client side state and Asynchronous communication with the server. At the same time, such techniques also introduce new challenges. Among these challenges, an important one is the difficulty of automatically crawling these new applications. Crawling is not only important for indexing the contents but also critical to web application assessment such as testing for security vulnerabilities or accessibility. Traditional crawlers are no longer sufficient for these newer technologies and crawling in RIAs is either inexistent or far from perfect. There is a need for an efficient crawler for web applications developed using these new technologies. Further, as more and more enterprises use these new technologies to provide their services, the requirement for a better crawler becomes inevitable. This thesis studies the problems associated with crawling RIAs. Crawling RIAs is fundamentally more difficult than crawling traditional multi-page web applications. The thesis also presents an efficient RIA crawling strategy and compares it with existing methods.

Web Crawling

Rich Internet Applications

Web Application Modelling

Job search portal

Sowmya, Mathukumalli

January 1900

Master of Science / Department of Computer Science / Mitchell L. Neilsen / Finding jobs that best suits the interests and skill set is quite a challenging task for the job seekers. The difficulties arise from not having proper knowledge on the organization’s objective, their work culture and current job openings. In addition, finding the right candidate with desired qualifications to fill their current job openings is an important task for the recruiters of any organization. Online Job Search Portals have certainly made job seeking convenient on both sides. Job Portal is the solution where recruiter as well as the job seeker meet aiming at fulfilling their individual requirement. They are the cheapest as well as the fastest source of communication reaching wide range of audience on just a single click irrespective of their geographical distance. The web application “Job Search Portal” provides an easy and convenient search application for the job seekers to find their desired jobs and for the recruiters to find the right candidate. Job seekers from any background can search for the current job openings. Job seekers can register with the application and update their details and skill set. They can search for available jobs and apply to their desired positions. Android, being open source has already made its mark in the mobile application development. To make things handy, the user functionalities are developed as an Android application. Employer can register with the application and posts their current openings. They can view the Job applicants and can screen them according to the best fit. Users can provide a review about an organization and share their interview experience, which can be viewed by the Employers.

Web Application

Android

Spring

Hibernate

RESTful Web Services

JavaScript

Geospatial Web-Mapping and Application Development for the Southeast Arizona Sustainable Recreation Strategy

Little, Jessica

14 December 2016

Within the last decade, the United States Forest Service (USFS) has initiated a nation-wide project of Sustainable Recreation as a response to the decreasing amount of resources available to maintain the current recreation infrastructure, including trails, campgrounds, etc. These unmaintained trails and facilities pose a potential safety threat to users and the landscape in which they reside. This smaller pilot project, as part of the Southeast Arizona Sustainable Recreation Strategy, is the second pilot project in the Southwest Region of the USFS aimed at growing the Sustainable Recreation initiative. The main goal of this project is to create the framework for an inter-agency web application of recreation opportunities in Southeast Arizona, with an aim to increase communication between land management agencies, and to increase public participation and conservation of public lands. To achieve this, recreation data were gathered from multiple participating agencies and merged into a new schema in order to provide useful attribute information. This schema was then uploaded to ArcGIS Online and saved as a web map for internal, agency use. In addition, a public-facing web application and corresponding Story Map were also created. The result better portrays the Sustainable Recreation initiative and provides a one-stop-shop of useful recreation information and links for users who wish to become more involved. This project provides the groundwork for which more data from additional agencies and areas can be added and the participation of both land management agencies and the general public can grow.

Sustainable Recreation

public land management

web application

Southeast Arizona

Trip planner : A web application for planning carpooling between Mid Sweden University's campuses

Omran, Ali

January 2018

Mid Sweden University staff has several different meetings around the year. Most meetings take place in Mid Sweden University's various campuses (Sundsvall and Östersund). In order for the staff to be able to participate in these meetings, rental-cars are rented from different rental companies. The rental cars are used to transport the staff between the university's campuses. The trips are mostly made by one or two people per car which can lead to unneces- sary extra costs. The goal of this project has been to provide a solution to this problem. The solution was in the form of a web application which the staff can use to register and join carpool trips. Since there are many carpool applications out there, the usability of the web application will be compared to the usability of a similar carpool application called GoMore to show if the developed appli- cation has any advantages in usability over similar applications. This was done by doing user-tests with 10 users followed by a questionnaire for each applica- tion. The usability metrics that were evaluated and compared for both applica- tions were the following: effectiveness, time based efficiency and the satisfac- tion of the user. The results showed a slightly better result in effectiveness and time based efficiency for the developed application. The results also showed a greater satisfaction for users who tested GoMore. Although the developed web application did not show a significant difference in usability over GoMore, the developed application is more specific for the university's problem and can be developed even further to suit the university's needs.

MIUN

carpooling

usability

web-application.

Software Engineering

Programvaruteknik