Global ETD Search

71	Web-Based Intrusion Detection System Ademi, Muhamet January 2013 (has links) Web applications are growing rapidly and as the amount of web sites globallyincreases so do security threats. Complex applications often interact with thirdparty services and databases to fetch information and often interactions requireuser input. Intruders are targeting web applications specifically and they are ahuge security threat to organizations and a way to combat this is to haveintrusion detection systems. Most common web attack methods are wellresearched and documented however due to time constraints developers oftenwrite applications fast and may not implement the best security practices. Thisreport describes one way to implement a intrusion detection system thatspecifically detects web based attacks. intrusion detection system ids web application security web application network security web security Engineering and Technology Teknik och teknologier
72	Project X : All-in-one WAF testing tool Anantaprayoon, Amata January 2020 (has links) Web Application Firewall (WAF) is used to protect the Web application (web app). One of the advantages of having WAF is, it can detect possible attacks even if there is no validation implemented on the web app. But how can WAF protect the web app if WAF itself is vulnerable? In general, four testing methods are used to test WAF such as fuzzing, payload execution, bypassing, and footprinting. There are several open-source WAF testing tools but it appears that it only offers one or two testing methods. That means a tester is required to have multiple tools and learn how each tool works to be able to test WAF using all testing methods. This project aims to solve this difficulty by developing a WAF testing tool called ProjectX that offers all testing methods. ProjectX has been tested on a testing environment and the results show that it fulfilled its requirements. Moreover, ProjectX is available on Github for any developer who want to improve or add more functionality to it. Web application vulnerability OWASP top ten Web Application Firewall WAF WAF testing WAF testing tool Modsecurity AWS WAF XSS SQLI Computer Sciences Datavetenskap (datalogi)
73	Replacing a monolithic web application with a new backend framework Lu, Wei January 2018 (has links) Web Technologies, particularly the web application, have become an essential component of the business world in our daily life. By utilizing the web application, it is convenient for human beings to search the information, make the payment and communicate with others through Internet. However, according to a report from the Society of Digital Agencies, 77% of companies believe that poor website user experience is a weakness for their clients, which making poor user experience the most significant weakness agencies identified. As for current monolithic web application of booking course system, all the components are tightly integrated in one module so that it is difficult to maintain and make changes for both currents functions and new functions. In addition, the algorithms of some functions are vulnerable. For example, the offer code corresponding to the one course can be used for another course that should not be on sales promotion. This thesis presents a decoupling of the monolithic architecture. The monolithic architecture composes all in one piece and implement an alternative solution for booking course system based on representational state transfer web service, spring, WordPress and bootstrap frameworks. Moreover, this thesis focuses on improving the vulnerable algorithm for the old booking system. In the end, some non-functional requirement like user experience will also be taken in consideration. In this thesis, the result proves the feasibility of the decoupling monolithic architecture by exploiting RESTful web services. / Webbtekniker, speciellt webbapplikationer, har blivit en viktig komponent för företags dagliga verksamhet. Genom att använda webbapplikationer blir det enkelt för människor att söka information, göra betalningar och kommunicera med andra på Internet. Men enligt en rapport från the Society of Digital Agencies upplever 77% av företagen att en dåligt webbupplevelse påverkar slutkunderna, vilket gör webbupplevelsen till den största påverkande faktorn som the Society of Digital Agencies har identifierat. Det existerande webbokningssystemet är en monolit, där samtliga komponenter är tätt integrerade i en modul. Denna integrerade arkitektur gör det svårt att underhålla och förändra systemet. I tillägg finns det sårbarheter i systemet, som till exempel att rabattkoder för en kurs kan användas även på andra kurser, som inte ska rabatteras. Uppsatsen presenterar en frikoppling av den integrerade strukturen för systemet. Den nya arkitekturen bygger på representational state transfer web services, spring, wordpress samt bootstrap ramverken. I tillägg förbättras även de sårbara algoritmerna i det existerande bokningssystemet. Slutligen inkluderas ickefunktionella krav på användarvänlighet. I den här avhandlingen visar resultatet att det är möjligt att avmontera monolitisk arkitektur genom att utnyttja RESTful webbtjänster. Computer and Information Sciences Data- och informationsvetenskap
74	Detection of Vulnerability Scanning Attacks using Machine Learning : Application Layer Intrusion Detection and Prevention by Combining Machine Learning and AppSensor Concepts / Detektering av sårbarhetsscanning med maskininlärning : Detektering och förhindrande av attacker i applikationslagret genom kombinationen av maskininlärning och AppSensor koncept Shahrivar, Pojan January 2022 (has links) It is well-established that machine learning techniques have been used with great success in other domains and has been leveraged to deal with sources of evolving abuse, such as spam. This study aims to determine whether machine learning techniques can be used to create a model that detects vulnerability scanning attacks using proprietary real-world data collected from tCell, a web application firewall. In this context, a vulnerability scanning attack is defined as an automated process that detects and classifies security weaknesses and flaws in the web application. To test the hypothesis that machine learning techniques can be used to create a detection model, twenty four models were trained. The models showed a high level of precision and recall, ranging from 91% to 0.96% and 85% to 0.93%, respectively. Although the classification performance was strong, the models were not calibrated sufficiently which resulted in an underconfidence in the predictions. The results can therefore been viewed as a performance baseline. Nevertheless, the results demonstrate an advancement over the simplistic threshold-based techniques developed in the early days of the internet, but require further research and development to tune and calibrate the models. / Det är väletablerat att tekniker för maskininlärning har använts med stor framgång inom andra domäner och har utnyttjats för att hantera källor till växande missbruk, såsom spam. Denna studie syftar till att avgöra om maskininlärningstekniker kan tillämpas för att skapa en modell som upptäcker sårbarhets-skanningsattacker med hjälp av proprietär data som samlats in från tCell, en webbapplikationsbrandvägg. I detta sammanhang definieras en sårbarhetsskanningsattack som en automatiserad process som upptäcker och klassificerar säkerhetsbrister och brister i webb-applikationen. För att testa hypotesen att maskininlärningstekniker kan användas för att skapa en detektionsmodell, tränades tjugofyra modeller. Modellerna visade en hög nivå av precision och sensitivitet, från 91% till 0,96% och 85% till 0,93%, respektive. Även om klassificeringsprestandan var god, var modellerna inte tillräckligt kalibrerade, vilket resulterade i ett svagt förtoende för förutsägelserna. De presenterade resultaten kan därför ses som en prestationsbaslinje. Resultaten visar ett framsteg över de förenklade tröskelbaserade teknikerna som utvecklades i begynnelsen av internet, men kräver ytterligare forskning och utveckling för att kalibrera modellerna. Vulnerability Scanning Random Forest Web application security Next-Gen Web application Firewall Machine learning Dynamic application security testing Intrusion detection & prevention Computer and Information Sciences Data- och informationsvetenskap
75	Моделирование коммуникационных процессов в образовательных организациях : магистерская диссертация / Modeling of communication processes in educational organizations Белошейкина, А. С., Belosheikina, A. S. January 2022 (has links) Цель исследования – опираясь на теоретические и практические основы цифровизации, смоделировать бизнес-процесс для автоматизации коммуникационных процессов в Профсоюзной организации. Объектом исследования выступает информационная система профсоюзной организации студентов ИнЭУ, структурное подразделение ПОС УрФУ. Для достижения данной цели были определены следующие задачи: провести обзор и анализ систем в условиях развития цифровой экономики; сформировать требования к выбору системы для профсоюзной организации; рассмотреть программные продукты для Профсоюзных организаций; смоделировать основную деятельность объекта исследования; создать и проанализировать модель AS-IS, выявить недостатки, построить модель TO-BE; создать концептуальную модель будущей системы; разработать план управления проектом; рассчитать экономическую эффективность проекта. Результаты выпускной квалификационной работы используются в процессе работы Профсоюзной организации студентов ИнЭУ, а также были представлены на научных конференциях. / The purpose of the study is to model a business process for automating communication processes in a trade union organization based on the theoretical and practical foundations of digitalization. The object of the study is the information system of the trade union organization of students of INEU, a structural unit of the UrFU PIC. To achieve this goal, the following tasks were identified: to review and analyze systems in the context of the development of the digital economy; to form requirements for choosing a system for a trade union organization; to consider software products for trade union organizations; simulate the main activity of the research object; create and analyze the AS-IS model, identify shortcomings, build a TO-BE model; create a conceptual model of the future system; develop a project management plan; calculate the economic efficiency of the project. The results of the final qualification work are used in the work of the Trade Union Organization of INEU students and have also been presented at scientific conferences. ЦИФРОВИЗАЦИЯ ПРОФСОЮЗ МОДЕЛЬ КОММУНИКАЦИИ ЦИФРОВАЯ ПЛАТФОРМА ВЕБ-ПРИЛОЖЕНИЕ MASTER'S THESIS DIGITALIZATION TRADE UNION COMMUNICATION MODEL DIGITAL PLATFORM WEB APPLICATION WEB APPLICATION DESIGN
76	Smart Parking System Yadavalli, Siri Chandana January 1900 (has links) Master of Science / Department of Computing and Information Sciences / Daniel A. Andresen / Locating a parking spot during peak hours in most populated areas like shopping malls, universities, exhibitions or convention centers is difficult for the drivers. The difficulty rises from not knowing where the available spots may be at that required time. Smart parking is a solution to metropolitan cities to reduce congestion, cut vehicle emission totals and save persons' time by helping them in finding a spot to park. Smart Parking is a parking system, usually a new one that is equipped with special structured devices (things) to detect the available parking slots at any parking area. This is an application based on Internet of Things (IoT) that in Real-Time environment have sensors and devices embedded into parking spaces, transmitting data on the occupancy status; and the vehicle drivers can search for parking availability using their mobile phones or any infotainment system that is attached to the vehicle. Hence the driver would know where there is an available spot to park his vehicle in less time, reducing the energy consumption and air pollution. The Client or the sensor posts the parking slot occupancy status to a web service URL. The Java based web service is built using Spring and Hibernate to connect to the backend system. The web service (.war) file is deployed on Apache Tomcat Server and the backend used is MySQL database. Smart Parking System Web Application Spring Hibernate RESTful Web Services JavaScript
77	Cowboy: An Agile Programming Methodology for a Solo Programmer Hollar, Ashby Brooks 01 January 2006 (has links) Very little research in software engineering has focused on the model of a programmer working alone. These so-called cowboys are disdained for not working in teams to build software. In reality many cowboys work by themselves due to the circumstances of their work environment, not because they are unable or unwilling to work with well with others. These solo programmers could benefit from a methodology to assist them in consistently developing reliable software on time and within budget while satisfying the customer's needs. Cowboy was designed to help fill this void. This agile-based system incorporates the benefits of agile methodologies into a lightweight, customer-centered approach to software development for the lone developer. This thesis describes Cowboy and its successful application in developing a prototype for a web application. software development web application computer Agile Manifesto code Computer Sciences Physical Sciences and Mathematics
78	Development of the Web-Based Admissions and Management System for IELP Ziegler, Luciano 17 December 2010 (has links) The academic program The Intensive English Language Program (IELP) at the University of New Orleans (UNO) offers one of the most effective and diverse language programs in the United States. This thesis is to report the development of the Webbased database application that manages admissions, students learning progress, and course offering of this program. The system development followed a simplified Unified Process for Software Development (UP) using the Unified Modeling Language (UML) models such as the requirement catch model – use cases, the analysis model – activity diagrams, and the design model –communication diagrams. The new system has met and exceeded all the business requirements and has been operating to support the further growth of the IELP at UNO. Significant attention has been given to information security; multiple techniques have been applied in addition to the security measures enforced in the hosting environment – the University Computing Center. Web application student manager web service interaction security ColdFusion Oracle PeopleSoft
79	Modeling Shape Effects in Nano Magnetic Materials With Web Based Micromagnetics Zhao, Zhidong 21 May 2005 (has links) This research work focuses on the geometry and shape effects on submicron magnetic material. A web based micromagnetics program is written to model the hysteresis loop of nano magnetic samples with arbitrary geometry shapes and multiple magnetic materials. Three material samples have been modeled with this program along with nano magnets with a variety of geometric shapes. Shape anisotropy has been introduced to a permalloy ring by adding a cross-tie structure with various widths. The in-plane hysteresis loop and reversal behavior have no notable difference in direction parallel to the cross-tie, but greatly changed in perpendicular and diagonal directions. The switching field distribution is significantly reduced. The two distinct "onion" bit states of the modified ring elements are stabilized in the hysteresis in the diagonal direction. The changes in the modified rings make them better candidates for Magnetic Random Access Memory elements. Two Pac-Man elements, PM I and PM II, geometrically modified from disc and half disc respectively, are modeled. The PM I element undergoes a magnetic reversal through a two-stage mechanism that involves nucleation in the left and right middle areas followed by vortex core formation and vortex core motion in the lower middle area. The reversal process of the PM II element lacks the vortex core formation and motion stage. The switching field of the PM I and PM II elements are the same but the switching field distribution of the PM II elements is much narrower than that of the PM I element. Only the PM II element meets MRAM application requirements. The thickness dependence of the magnetic properties of a core-shell structure has been studied. The nano particles have a cobalt core and a permalloy shell. The nano spheres are the same size but with various shell thickness. Simulations reveal a multi-stage reversal process without the formation of a Bloch wall for thin-shell structure and smooth reversal process with the formation and motion of a Bloch wall for thick-shell structure. Gradual transition of the hysteresis loop patterns has been observed. Micromagnetics shape effect hysteresis magnetization reversal nano magnets XML web application
80	Visualizing Aquatic Species Movement with Spatiotemporal Data from Acoustic and Satellite Transmitters Bajwa, Perabjoth Singh 01 May 2016 (has links) Tracking an individual specimen can be a difficult task especially when one also has to keep track of the environmental factors that affect the tracked specimen’s behavior. The task of tracking these animals becomes impossible when they become submerged in water and their number increases to more than just one. The aquatic species that are being tracked by this project in Lake Pontchartrain and the Gulf of Mexico are: tarpon, scalloped hammerhead, whale shark, tiger shark, yellowfin tuna, spotted seatrout, redfish, and bull shark. We are tracking these fish using acoustic and satellite transmitters. The insertion of transmitters in the fish was handled by the Louisiana Department of Wildlife and Fisheries biologists. The acoustic transmitters were implanted on smaller fish that only swam in Lake Pontchartrain. Due to this, receivers were only implanted at locations across the lake on various types of attachments such as buoys, PVC pipes, and pilings. These receivers were positioned at more than ninety locations in order to maximize the acquisition of detections. These species were tracked in Lake Pontchartrain and the Gulf of Mexico. After this preliminary setup, a constant batch of data was generated on a regular basis and this data was process by the application developed in this project. A Ruby on Rails application was then setup in order to store this data and manipulate it to display an animated track. The application utilizes: Ruby, Rails, HTML, CSS, SQL, JavaScript and multiple third part libraries. Many optimizations were performed in order to ensure reliability and performance when loading a high volume of fish or if a high volume of users were to use the application.

Search results