Spelling suggestions: "subject:"eeb applicatication."" "subject:"eeb ratios:application.""
71 |
Empirically Driven Investigation of Dependability and Security Issues in Internet-Centric SystemsHuynh, Toan Nguyen Duc 06 1900 (has links)
The Web, being the most popular component of the Internet, has been transformed from a static information-serving medium into a fully interactive platform. This platform has been used by developers to create web applications rivaling traditional desktop systems. Designing, developing and evaluating these applications require new or modified methodologies, techniques and tools because of the different characteristics they exhibit. This dissertation discusses two important areas for developing and evaluating these applications: security and data mining.
In the security area, a survey using a process similar to the Goal Question Metric approach examines the properties of web application vulnerabilities. Using results from the survey, a white-box approach to identify web applications vulnerabilities is proposed. Although the approach eliminates vulnerabilities during the development process, it does not protect existing web applications that have not utilized the approach. Hence, an Anomaly-based Network Intrusion Detection System, called AIWAS, is introduced. AIWAS protects web applications through the analysis of interactions between the users and the web applications. These interactions are classified as either benign or malicious; malicious interactions are prevented from reaching the web applications under protection.
In the data mining area, the method of reliability estimation from server logs is examined in detail. This examination reveals the fact that the session workload is currently obtained using a constant Session Timeout Threshold (STT) value. However, each website is unique and should have its own STT value. Hence, an initial model for estimating the STT is introduced to encourage future research on sessions to use a customized STT value per website. This research on the STT leads to a deeper investigation of the actual session workload unit. More specifically, the distributional properties of the session workload are re-examined to determine whether the session workload can be described as a heavy-tailed distribution. / Software Engineering and Intelligent Systems
|
72 |
Empirically Driven Investigation of Dependability and Security Issues in Internet-Centric SystemsHuynh, Toan Nguyen Duc Unknown Date
No description available.
|
73 |
Web-Based Intrusion Detection SystemAdemi, Muhamet January 2013 (has links)
Web applications are growing rapidly and as the amount of web sites globallyincreases so do security threats. Complex applications often interact with thirdparty services and databases to fetch information and often interactions requireuser input. Intruders are targeting web applications specifically and they are ahuge security threat to organizations and a way to combat this is to haveintrusion detection systems. Most common web attack methods are wellresearched and documented however due to time constraints developers oftenwrite applications fast and may not implement the best security practices. Thisreport describes one way to implement a intrusion detection system thatspecifically detects web based attacks.
|
74 |
Project X : All-in-one WAF testing toolAnantaprayoon, Amata January 2020 (has links)
Web Application Firewall (WAF) is used to protect the Web application (web app). One of the advantages of having WAF is, it can detect possible attacks even if there is no validation implemented on the web app. But how can WAF protect the web app if WAF itself is vulnerable? In general, four testing methods are used to test WAF such as fuzzing, payload execution, bypassing, and footprinting. There are several open-source WAF testing tools but it appears that it only offers one or two testing methods. That means a tester is required to have multiple tools and learn how each tool works to be able to test WAF using all testing methods. This project aims to solve this difficulty by developing a WAF testing tool called ProjectX that offers all testing methods. ProjectX has been tested on a testing environment and the results show that it fulfilled its requirements. Moreover, ProjectX is available on Github for any developer who want to improve or add more functionality to it.
|
75 |
Replacing a monolithic web application with a new backend frameworkLu, Wei January 2018 (has links)
Web Technologies, particularly the web application, have become an essential component of the business world in our daily life. By utilizing the web application, it is convenient for human beings to search the information, make the payment and communicate with others through Internet. However, according to a report from the Society of Digital Agencies, 77% of companies believe that poor website user experience is a weakness for their clients, which making poor user experience the most significant weakness agencies identified. As for current monolithic web application of booking course system, all the components are tightly integrated in one module so that it is difficult to maintain and make changes for both currents functions and new functions. In addition, the algorithms of some functions are vulnerable. For example, the offer code corresponding to the one course can be used for another course that should not be on sales promotion. This thesis presents a decoupling of the monolithic architecture. The monolithic architecture composes all in one piece and implement an alternative solution for booking course system based on representational state transfer web service, spring, WordPress and bootstrap frameworks. Moreover, this thesis focuses on improving the vulnerable algorithm for the old booking system. In the end, some non-functional requirement like user experience will also be taken in consideration. In this thesis, the result proves the feasibility of the decoupling monolithic architecture by exploiting RESTful web services. / Webbtekniker, speciellt webbapplikationer, har blivit en viktig komponent för företags dagliga verksamhet. Genom att använda webbapplikationer blir det enkelt för människor att söka information, göra betalningar och kommunicera med andra på Internet. Men enligt en rapport från the Society of Digital Agencies upplever 77% av företagen att en dåligt webbupplevelse påverkar slutkunderna, vilket gör webbupplevelsen till den största påverkande faktorn som the Society of Digital Agencies har identifierat. Det existerande webbokningssystemet är en monolit, där samtliga komponenter är tätt integrerade i en modul. Denna integrerade arkitektur gör det svårt att underhålla och förändra systemet. I tillägg finns det sårbarheter i systemet, som till exempel att rabattkoder för en kurs kan användas även på andra kurser, som inte ska rabatteras. Uppsatsen presenterar en frikoppling av den integrerade strukturen för systemet. Den nya arkitekturen bygger på representational state transfer web services, spring, wordpress samt bootstrap ramverken. I tillägg förbättras även de sårbara algoritmerna i det existerande bokningssystemet. Slutligen inkluderas ickefunktionella krav på användarvänlighet. I den här avhandlingen visar resultatet att det är möjligt att avmontera monolitisk arkitektur genom att utnyttja RESTful webbtjänster.
|
76 |
Detection of Vulnerability Scanning Attacks using Machine Learning : Application Layer Intrusion Detection and Prevention by Combining Machine Learning and AppSensor Concepts / Detektering av sårbarhetsscanning med maskininlärning : Detektering och förhindrande av attacker i applikationslagret genom kombinationen av maskininlärning och AppSensor konceptShahrivar, Pojan January 2022 (has links)
It is well-established that machine learning techniques have been used with great success in other domains and has been leveraged to deal with sources of evolving abuse, such as spam. This study aims to determine whether machine learning techniques can be used to create a model that detects vulnerability scanning attacks using proprietary real-world data collected from tCell, a web application firewall. In this context, a vulnerability scanning attack is defined as an automated process that detects and classifies security weaknesses and flaws in the web application. To test the hypothesis that machine learning techniques can be used to create a detection model, twenty four models were trained. The models showed a high level of precision and recall, ranging from 91% to 0.96% and 85% to 0.93%, respectively. Although the classification performance was strong, the models were not calibrated sufficiently which resulted in an underconfidence in the predictions. The results can therefore been viewed as a performance baseline. Nevertheless, the results demonstrate an advancement over the simplistic threshold-based techniques developed in the early days of the internet, but require further research and development to tune and calibrate the models. / Det är väletablerat att tekniker för maskininlärning har använts med stor framgång inom andra domäner och har utnyttjats för att hantera källor till växande missbruk, såsom spam. Denna studie syftar till att avgöra om maskininlärningstekniker kan tillämpas för att skapa en modell som upptäcker sårbarhets-skanningsattacker med hjälp av proprietär data som samlats in från tCell, en webbapplikationsbrandvägg. I detta sammanhang definieras en sårbarhetsskanningsattack som en automatiserad process som upptäcker och klassificerar säkerhetsbrister och brister i webb-applikationen. För att testa hypotesen att maskininlärningstekniker kan användas för att skapa en detektionsmodell, tränades tjugofyra modeller. Modellerna visade en hög nivå av precision och sensitivitet, från 91% till 0,96% och 85% till 0,93%, respektive. Även om klassificeringsprestandan var god, var modellerna inte tillräckligt kalibrerade, vilket resulterade i ett svagt förtoende för förutsägelserna. De presenterade resultaten kan därför ses som en prestationsbaslinje. Resultaten visar ett framsteg över de förenklade tröskelbaserade teknikerna som utvecklades i begynnelsen av internet, men kräver ytterligare forskning och utveckling för att kalibrera modellerna.
|
77 |
Моделирование коммуникационных процессов в образовательных организациях : магистерская диссертация / Modeling of communication processes in educational organizationsБелошейкина, А. С., Belosheikina, A. S. January 2022 (has links)
Цель исследования – опираясь на теоретические и практические основы цифровизации, смоделировать бизнес-процесс для автоматизации коммуникационных процессов в Профсоюзной организации. Объектом исследования выступает информационная система профсоюзной организации студентов ИнЭУ, структурное подразделение ПОС УрФУ. Для достижения данной цели были определены следующие задачи: провести обзор и анализ систем в условиях развития цифровой экономики; сформировать требования к выбору системы для профсоюзной организации; рассмотреть программные продукты для Профсоюзных организаций; смоделировать основную деятельность объекта исследования; создать и проанализировать модель AS-IS, выявить недостатки, построить модель TO-BE; создать концептуальную модель будущей системы; разработать план управления проектом; рассчитать экономическую эффективность проекта. Результаты выпускной квалификационной работы используются в процессе работы Профсоюзной организации студентов ИнЭУ, а также были представлены на научных конференциях. / The purpose of the study is to model a business process for automating communication processes in a trade union organization based on the theoretical and practical foundations of digitalization. The object of the study is the information system of the trade union organization of students of INEU, a structural unit of the UrFU PIC. To achieve this goal, the following tasks were identified: to review and analyze systems in the context of the development of the digital economy; to form requirements for choosing a system for a trade union organization; to consider software products for trade union organizations; simulate the main activity of the research object; create and analyze the AS-IS model, identify shortcomings, build a TO-BE model; create a conceptual model of the future system; develop a project management plan; calculate the economic efficiency of the project. The results of the final qualification work are used in the work of the Trade Union Organization of INEU students and have also been presented at scientific conferences.
|
78 |
Smart Parking SystemYadavalli, Siri Chandana January 1900 (has links)
Master of Science / Department of Computing and Information Sciences / Daniel A. Andresen / Locating a parking spot during peak hours in most populated areas like shopping malls, universities, exhibitions or convention centers is difficult for the drivers. The difficulty rises from not knowing where the available spots may be at that required time. Smart parking is a solution to metropolitan cities to reduce congestion, cut vehicle emission totals and save persons' time by helping them in finding a spot to park.
Smart Parking is a parking system, usually a new one that is equipped with special structured devices (things) to detect the available parking slots at any parking area. This is an application based on Internet of Things (IoT) that in Real-Time environment have sensors and devices embedded into parking spaces, transmitting data on the occupancy status; and the vehicle drivers can search for parking availability using their mobile phones or any infotainment system that is attached to the vehicle. Hence the driver would know where there is an available spot to park his vehicle in less time, reducing the energy consumption and air pollution. The Client or the sensor posts the parking slot occupancy status to a web service URL. The Java based web service is built using Spring and Hibernate to connect to the backend system. The web service (.war) file is deployed on Apache Tomcat Server and the backend used is MySQL database.
|
79 |
Cowboy: An Agile Programming Methodology for a Solo ProgrammerHollar, Ashby Brooks 01 January 2006 (has links)
Very little research in software engineering has focused on the model of a programmer working alone. These so-called cowboys are disdained for not working in teams to build software. In reality many cowboys work by themselves due to the circumstances of their work environment, not because they are unable or unwilling to work with well with others. These solo programmers could benefit from a methodology to assist them in consistently developing reliable software on time and within budget while satisfying the customer's needs. Cowboy was designed to help fill this void. This agile-based system incorporates the benefits of agile methodologies into a lightweight, customer-centered approach to software development for the lone developer. This thesis describes Cowboy and its successful application in developing a prototype for a web application.
|
80 |
Development of the Web-Based Admissions and Management System for IELPZiegler, Luciano 17 December 2010 (has links)
The academic program The Intensive English Language Program (IELP) at the University of New Orleans (UNO) offers one of the most effective and diverse language programs in the United States. This thesis is to report the development of the Webbased database application that manages admissions, students learning progress, and course offering of this program. The system development followed a simplified Unified Process for Software Development (UP) using the Unified Modeling Language (UML) models such as the requirement catch model – use cases, the analysis model – activity diagrams, and the design model –communication diagrams. The new system has met and exceeded all the business requirements and has been operating to support the further growth of the IELP at UNO. Significant attention has been given to information security; multiple techniques have been applied in addition to the security measures enforced in the hosting environment – the University Computing Center.
|
Page generated in 0.1162 seconds