19 research outputs found
Combinatorial-Based Prioritization for User-Session-Based Test Suites
Software defects caused by inadequate software testing can cost billions of dollars. Further, web application defects can be costly due to the fact that most web applications handle constant user interaction. However, software testing is often under time and budget constraints. By improving the time efficiency of software testing, many of the costs associated with defects can be saved. Current methods for web application testing can take too long to generate test suites. In addition, studies have shown that user-session-based test suites often find faults missed by other testing techniques. This project addresses this problem by utilizing existing user sessions for web application testing. The software testing method provided within this project utilizes previous knowledge about combinatorial coverage testing and improves time and computer memory efficiency by only considering test cases that exist in a user-session based test suite. The method takes the existing test suite and prioritizes the test cases based on a specific combinatorial criterion. In addition, this project presents an empirical study examining the application of the newly proposed combinatorial prioritization algorithm on an existing web application
Bridging the Gap: A Survey and Classification of Research-Informed Ethical Hacking Tools
The majority of Ethical Hacking (EH) tools utilised in penetration testing are developed by practitioners within the industry or underground communities. Similarly, academic researchers have also contributed to developing security tools. However, there appears to be limited awareness among practitioners of academic contributions in this domain, creating a significant gap between industry and academia’s contributions to EH tools. This research paper aims to survey the current state of EH academic research, primarily focusing on research-informed security tools. We categorise these tools into process-based frameworks (such as PTES and Mitre ATT&CK) and knowledge-based frameworks (such as CyBOK and ACM CCS). This classification provides a comprehensive overview of novel, research-informed tools, considering their functionality and application areas. The analysis covers licensing, release dates, source code availability, development activity, and peer review status, providing valuable insights into the current state of research in this field
Reverse engineering of web applications
The MAP-i Doctoral Program of the Universities of Minho, Aveiro and PortoEven so many years after its genesis, the Internet is still growing. Not only are
the users increasing, so are the number of different programming languages or
frameworks for building Web applications. However, this plethora of technologies
makes Web applications’ source code hard to comprehend and understand,
thus deteriorating both their debugging and their maintenance costs.
In this context, a number of proposals have been put forward to solve
this problem. While, on one hand, there are techniques that analyze the entire
source code of Web applications, the diversity of available implementation
technology makes these techniques return unsatisfactory results. On the other
hand, there are also techniques that dynamically (but blindly) explore the applications
by running them and analyzing the results of randomly exploring
them. In this case the results are better, but there is always the chance that
some part of the application might be left unexplored.
This thesis investigates if an hybrid approach combining static analysis and
dynamic exploration of the user interface can provide better results. FREIA, a
framework developed in the context of this thesis, is capable of analyzing Web
applications automatically, deriving structural and behavioral interface models
from them.Mesmo decorridos tantos anos desde a sua génese, a Internet continua a crescer.
Este crescimento aplica-se não só ao número de utilizadores como também ao
número de diferentes linguagens de programação e frameworks utilizadas para
a construção de aplicações Web. No entanto, esta pletora de tecnologias leva
a que o código fonte das aplicações Web seja difícil de compreender e analisar,
deteriorando tanto o seu depuramento como os seus custos de manutenção.
Neste contexto, foram desenvolvidas algumas propostas com intuito de resolver
este problema. Não obstante, por um lado, existirem técnicas que analisam
a totalidade do código fonte das aplicações Web, a diversidade das tecnologias
de implementação existentes fazem com que estas técnicas gerem
resultados insatisfatórios. Por outro lado, existem também técnicas que, dinamicamente
(apesar de cegamente), exploram as aplicações, executando-as e
analisando os resultados da sua exploração aleatória. Neste caso, os resultados
são melhores, mas corremos o risco de ter deixado alguma parte da aplicação
por explorar.
Esta tese investiga se uma abordagem híbrida, combinando a análise estática
com a exploração dinâmica da interface do utilizador consegue produzir
melhores resultados. FREIA, uma framework desenvolvida no contexto desta
tese é capaz de, automaticamente, analisar aplicações Web, derivando modelos
estruturais e comportamentais da interface das mesmas.Esta investigação foi financiada pela Fundação para a Ciência e Tecnologia através
da concessão de uma bolsa de doutoramento (SFRH/BD/71136/2010) no âmbito
do Programa Operacional Potencial Humano (POPH), comparticipado pelo Fundo
Social Europeu e por fundos nacionais do QREN
Composition de services basée sur les relations sociales entre objets dans l’IoT Service composition based on social relations between things in IoT
With the rapid development of service-oriented computing applications and social Internet ofthings (SIoT), it is becoming more and more difficult for end-users to find relevant services to create value-added composite services in this big data environment. Therefore, this work proposes S-SCORE (Social Service Composition based on Recommendation), an approach for interactive web services composition in SIoT ecosystem for end-users. The main contribution of this work is providing a novel recommendation approach, which enables to discover and suggest trustworthy and personalized web services that are suitable for composition. The first proposed model of recommendation aims to face the problem of information overload, which enables to discover services and provide personalized suggestions for users without sacrificing the recommendation accuracy. To validate the performance of our approach, seven variant algorithms of different approaches (popularity-based, user-based and item-based) are compared using MovieLens 20M dataset. The experiments show that our model improves the recommendation accuracy by 12% increase with the highest score among compared methods. Additionally it outperforms the compared models in diversity over all lengths of recommendation lists. The second proposed approach is a novel recommendation mechanism for service composition, which enables to suggest trustworthy and personalized web services that are suitable for composition. The process of recommendation consists of online and offline stages. In the offline stage, two models of similarity computation are presented. Firstly, an improved users’ similarity model is provided to filter the set of advisors for an active user. Then, a new service collaboration model is proposed that based on functional and non-functional features of services, which allows providing a set of collaborators
for the active service. The online phase makes rating prediction of candidate services based on a hybrid algorithm that based on collaborative filtering technique. The proposed method gives considerable improvement on the prediction accuracy. Firstly, it achieves the lowest value in MAE (Mean Absolute Error) metric and the highest coverage values than other compared traditional collaborative filtering-based prediction approaches
Technical debt-aware and evolutionary adaptation for service composition in SaaS clouds
The advantages of composing and delivering software applications in the Cloud-Based Software as a Service (SaaS) model are offering cost-effective solutions with minimal resource management. However, several functionally-equivalent web services with diverse Quality of Service (QoS) values have emerged in the SaaS cloud, and the tenant-specific requirements tend to lead the difficulties to select the suitable web services for composing the software application. Moreover, given the changing workload from the tenants, it is not uncommon for a service composition running in the multi-tenant SaaS cloud to encounter under-utilisation and over-utilisation on the component services that affects the service revenue and violates the service level agreement respectively. All those bring challenging decision-making tasks: (i) when to recompose the composite service? (ii) how to select new component services for the composition that maximise the service utility over time? at the same time, low operation cost of the service composition is desirable in the SaaS cloud. In this context, this thesis contributes an economic-driven service composition framework to address the above challenges. The framework takes advantage of the principal of technical debt- a well-known software engineering concept, evolutionary algorithm and time-series forecasting method to predictively handle the service provider constraints and SaaS dynamics for creating added values in the service composition. We emulate the SaaS environment setting for conducting several experiments using an e-commerce system, realistic datasets and workload trace. Further, we evaluate the framework by comparing it with other state-of-the-art approaches based on diverse quality metrics
FROM USER-GENERATED-CONTENT TO STRUCTURED KNOWLEDGE EXPLORING MULTI-ASPECT SENTENCE REPRESENTATION AND PROTOTYPE HIERARCHY BASED CATEGORIZATION FOR ORGANIZATION OF TEXT COLLECTIONS
Ph.DDOCTOR OF PHILOSOPH
Miniaturized Transistors, Volume II
In this book, we aim to address the ever-advancing progress in microelectronic device scaling. Complementary Metal-Oxide-Semiconductor (CMOS) devices continue to endure miniaturization, irrespective of the seeming physical limitations, helped by advancing fabrication techniques. We observe that miniaturization does not always refer to the latest technology node for digital transistors. Rather, by applying novel materials and device geometries, a significant reduction in the size of microelectronic devices for a broad set of applications can be achieved. The achievements made in the scaling of devices for applications beyond digital logic (e.g., high power, optoelectronics, and sensors) are taking the forefront in microelectronic miniaturization. Furthermore, all these achievements are assisted by improvements in the simulation and modeling of the involved materials and device structures. In particular, process and device technology computer-aided design (TCAD) has become indispensable in the design cycle of novel devices and technologies. It is our sincere hope that the results provided in this Special Issue prove useful to scientists and engineers who find themselves at the forefront of this rapidly evolving and broadening field. Now, more than ever, it is essential to look for solutions to find the next disrupting technologies which will allow for transistor miniaturization well beyond silicon’s physical limits and the current state-of-the-art. This requires a broad attack, including studies of novel and innovative designs as well as emerging materials which are becoming more application-specific than ever before
ARTIFICIAL IMMUNE SYSTEMS FOR INFORMATION FILTERING: FOCUSING ON PROFILE ADAPTATION
The human immune system has characteristics such as self-organisation, robustness and adaptivity that may be useful in the development of adaptive systems. One suitable application area for adaptive systems is Information Filtering (IF). Within the context of IF, learning and adapting user profiles is an important research area. In an individual profile, an IF system has to rely on the ability of the user profile to maintain a satisfactory level of filtering accuracy for as long as it is being used. This thesis explores a possible way to enable Artificial Immune Systems (AIS) to filter information in the context of profile adaptation. Previous work has investigated this issue from the perspective of self-organisation based on Autopoetic Theory. In contrast, this current work approaches the problem from the perspective of diversity inspired by the concept of dynamic clonal selection and gene library to maintain sufficient diversity. An immune inspired IF for profile adaptation is proposed and developed. This algorithm is demonstrated to work in detecting relevant documents by using a single profile to recognize a user’s interests and to adapt to changes in them. We employed a virtual user tested on a web document corpus to test the profile on learning of an emerging new topic of interest and forgetting uninteresting topics. The results clearly indicate the profile’s ability to adapt to frequent variations and radical changes in user interest. This work has focused on textual information, but it may have the potential to be applied in other media such as audio and images in which adaptivity to dynamic environments is crucial. These are all interesting future directions in which this work might develop