Protecting Internet Users with Epilepsy or Chronic Migraine from Graphic-Based Attacks

Flagging graphics interchangeable formats (GIFs) on personal devices are essential to protect users with epilepsy or chronic migraine. The research broke GIFs into frames and compared consecutive frames in pairs with three conditions: the ratio of average intensity, percentage of dangerous pixels, and hertz value. First, the average intensity of each frame is calculated using the formula: 0.299 * red + 0.587 * green + 0.114 * blue (Sedgewick & Wayne, 2017), for each pixel in the frame. Next, to obtain the percentage of dangerous pixels, each pixel of the same location from the two frames is compared. The absolute value of the difference between intensities of the pixels is found. A value less than 128.0 (Sedgewick & Wayne, 2017) is incompatible. Then, the ratio of incompatible and different pixels is obtained, which is multiplied by the ratio of different and total pixels. Finally, if the hertz value, inverse of the duration of each frame divided by 1000, falls within 3 to 30 (Wirrell & Hernandez), the GIF can be potentially dangerous. Thus, three threat levels, risky, dangerous, and extreme, have been established if one, two, or three conditions are met, respectively. After taking these results, viewers can be notified so that they can be protected from potential graphic-based attacks. Keywords: epilepsy; chronic migraine; graphics interchangeable format; Sedgewick, R., & Wayne, K. (2017). Object-Oriented Programming. Computer science an interdisciplinary approach. Addison-Wesley Professional. (pp. 330-381). Boston: Addision-Wesley. Wirrell, E., & Hernandez, A. (Eds.). (2019). Photosensitivity and Seizures. Epilepsy. https://www.epilepsy.com/learn/triggers-seizures/photosensitivity-and-seizur

Holistic Assessment of Student’s Learning Outcome

The use of holistic assessment may have some potential benefits. Academicians need to develop courses in such ways that offer students teaching and learning materials, experiences and tasks that are relevant in the real world.  In addition, holistic assessment help to ensure that curriculum is designed to manifest real world tasks and provide challenging situations that stimulates the students.  Assessing these learning outcomes could be tricky, and no one modality could really capture a learner’s proficiency of learning content. This paper focused on the holistic assessment of student learning outcomes and their implications to curriculum planning. It also proffers some recommendations that could help in enhancing educational service delivery

A Process-Based Approach to ABET Accreditation: A Case Study of a Cybersecurity and Digital Forensics Program

ABET accreditation has become a well-known standard for academic programs not only in the U.S. but also across the globe. Instantiating the processes to systematically improve the quality of programs is a daunting task for higher education institutions. In this contribution, we provide a detailed process-based framework that can assist aspiring institutions to embed quality in their processes leading to ABET accreditation. Our contribution is a novel framework for a process-based approach to quality assurance, as most of the published literature is primarily concerned with the experience of ABET accreditation of a solitary program. However, in this paper, we have presented a generic framework that ABET aspiring programs can instantiate in their preparation for ABET accreditation. We have validated these processes in our successful ABET accreditation application of the Bachelor of Science in Cybersecurity and Digital Forensics program. Our existing ABET-accredited programs were following old ABET criteria and the Bachelor of Science in Cybersecurity and Digital Forensics program must apply based on the new criteria proposed by ABET. Another novelty of our contribution is that it is based on our work for the first application cycle for ABET cybersecurity-related programs, so the findings of our contribution may assist other aspiring cybersecurity related academic programs to well prepare in their ABET accreditation pursuit

The effectiveness of simulated robots for supporting the learning of introductory programming: a multi-case case study

This work investigates the effectiveness of simulated robots as tools to support the learning of programming. After the completion of a Systematic Review and exploratory research a multi-case case study was undertaken. A simulator, named Kebot, was developed and used to run four ten-hour programming workshops. Twenty-three student participants (aged sixteen to eighteen) in addition to twenty-three pre-service, and three in-service, teachers took part. The effectiveness of this intervention was determined by considering opinions, attitudes and motivation as well as by analysing students’ programming performance. Pre- and post-questionnaires, in- and post-workshop exercises and interviews were used. Participants enjoyed learning using the simulator and believed the approach to be valuable and engaging. The performance of students indicates that the simulator aids learning as most completed tasks to a satisfactory standard. Evidence suggests robot simulators can offer an effective means of introducing programming. Recommendations to support the development of other simulators are provided.This is the accepted manuscript. The final version is available from Taylor & Francis at http://www.tandfonline.com/doi/full/10.1080/08993408.2014.963362#.VGH9boXziEo

A unit design : learning to code with Finches

The purpose of this project was to develop a coding unit for students in grades 5-8 as an introductory programming course using the programming language SNAP! with a Finch robotics platform. The robotics platform provides a means of student engagement that allows them to complete computer programming challenges that drive interest and motivation. A series of five major learning activities were created as part of a middle school technology exploratory course. The beta testers included the four course instructors and around 30 of middle school student volunteers. The designed unit was implemented once as a pilot, and was being implemented for the second time after making some modifications. The preliminary findings show that students enjoyed learning about basic programming concepts, or coding, and would be interested in pursuing similar types of projects and teachers had a positive experience. This model could be expanded to a full-term course as more modules are completed

Graphical Editor for DataLab (GEDL) : a graphical editor for specifying and synthesizing abstract data types

This report describes the Graphical Editor part of DataLab, a visual programming tool for the specification and synthesis of abstract data types (ADTs). DataLab consists of two major components: graphical editor and source code generator. The graphical editor is used to design an abstract data structure and its operations by direct manipulation of data objects. The code generator uses the graphical editor's internal data structure to generate target source code. DataLab is powerful enough to specify most elementary and intermediate data structures. However, the main result of this work has been to understand the benefits and limitations of graphical (visual) programming within the narrow domain of ADT synthesis. Experiments suggest that graphical programming is useful in some aspects of programming, and textual programming remains the most effective in other aspects

Виявлення шкідливих вхідних параметрів у веб-застосунках

Обсяг роботи 119 сторінок, 20 ілюстрацій, 37 таблиць, 2 додатки, 18 джерел літератури. Метою даної дипломної роботи є розв'язання проблеми захисту веб-застосунків від атак типу включення шкідливих параметрів та передових методів обходу існуючих механізмів захисту. Об’єктом дослідження є перевірка вхідних параметрів веб-застосунків на наявність шкідливих конструкцій. Предметом дослідження є метод токенізації, удосконалений за допомогою спеціальної моделі побудови правил для виявлення шкідливих конструкцій. Результати роботи викладені у вигляді правил для синтаксичного та лексичного аналізу у розширеній формі Бекуса-Наура, а також програмній реалізації мовою програмування Python3 з використанням ANTLR4. Також наведені результати тестування отриманого рішення та порівняння його з наявний. Отримані результати можуть бути використані при розробці програмного забезпечення для захисту веб-застосунків від атак, таких як Web Application Firewall, Intrusion Prevention/Detection System та інших подібних продуктів.The work includes 119 pages, 20 pictures, 37 tables, 2 appendixes, 18 literary references. The purpose of this work is to solve the problem of protecting web applications from attacks such as the inclusion of malicious parameters and advanced methods of bypassing existing security mechanisms. The object of the study is checking the input parameters of web applications for malicious constructions. The subject of the study is the method of tokenization, improved with the help of a special model of building rules for the detection of malevolent structures. The results of the work are presented in the form of rules for syntactic and lexical analysis in the extended Backus-Naur form, as well as software implementation in Python3 programming language using ANTLR4. The results of testing for the obtained solution and comparing it with the existing one are also given. The obtained results can be used in the development of software for protection of web applications from attacks such as Web Application Firewall, Intrusion Prevention / Detection System, and other similar products

Um metamodelo para apoiar a formalização de convenções de codificação

Orientador: Leonardo MontecchiDissertação (mestrado) - Universidade Estadual de Campinas, Instituto de ComputaçãoResumo: As convenções de codificação são um meio de melhorar a confiabilidade dos sistemas de software. Elas podem ser estabelecidas por vários motivos, desde melhorar a legibilidade do código até evitar a introdução de falhas de segurança. No entanto, convenções de codificação geralmente vêm na forma de documentos textuais em linguagem natural, o que as torna difíceis de gerenciar e aplicar. Seguindo os princípios de engenharia orientados a modelos, nesta dissertação, propomos uma abordagem e uma linguagem para especificar convenções de codificação usando modelos estruturados. Chamamos tal linguagem de Coding Conventions Specification Language (CCSL). Também propomos uma transformação de modelo para gerar automaticamente verificadores a partir de uma especificação CCSL para encontrar violações das regras especificadas. Para avaliar a proposta, realizamos dois experimentos. O primeiro experimento tem como objetivo avaliar o metamodelo CCSL, enquanto o outro tem como objetivo verificar a capacidade dos verificadores de encontrar violações da regra especificada nos códigos Java. Os resultados obtidos são promissores e sugerem que a abordagem proposta é viável. No entanto, eles também destacam que muitos desafios ainda precisam ser superados. No primeiro experimento, analisamos um total de 216 regras individuais de dois grandes conjuntos de convenções de codificação existentes. No geral, foi possível representar 63% das regras de codificação consideradas usando nossa linguagem. No segundo experimento, selecionamos 53 regras dentre as implementadas na ferramenta PMD (um analisador de código popular) para comparar os resultados entre nossa ferramenta e a ferramenta PMD em três projetos reais. Em geral, alcançamos resultados iguais ou melhores da ferramenta PMD em mais da metade das regras selecionadas (79%), enquanto apenas 6% das regras não puderam ser especificadas usando nossa linguagem. Nas regras restantes, os resultados apresentados foram diferentes para cada uma das ferramentas. Concluímos discutindo instruções para trabalhos futurosAbstract: Coding conventions are a means to improve the reliability of software systems. They can be established for many reasons, ranging from improving the readability of code to avoiding the introduction of security flaws. However, coding conventions often come in the form of textual documents in natural language, which makes them hard to be managed and to enforced. Following model-driven engineering principles, in this dissertation we propose an approach and language for specifying coding conventions using structured models. We call this language Coding Conventions Specification Language (CCSL). We also propose a model transformation to concretely generate checkers to find violations of the rules specified with our language. To evaluate the proposal, we performed two experiments. The first experiment aims to evaluate the Coding Conventions Specification Language metamodel, while the other aims to check the capability of the derived checkers to find violations of the specified rule in Java codes. The obtained results are promising and suggest that the proposed approach is feasible. However, they also highlight that many challenges still need to be overcome. In the first experiment, we analyzed a total of 216 individual rules from two large sets of existing coding conventions. Overall, it was possible to represent 63% of the considered coding rules using our language. In the second experiment, we selected 53 rules from those implemented in the PMD tool to compare the results between our tool and the PMD tool in three real projects. In general, we achieve equal or better results of the PMD tool in more than half of the selected rules (79%), while only 6% of the rules could not be specified using our language. There are also cases where PMD performed better than our approach (9%) as well as cases where the results were different for each of the tools (6%). We conclude by discussing directions for future worksMestradoCiência da ComputaçãoMestre em Ciência da Computação2018/11129-8FAPES

A software development platform based on components for mobile devices

Orientador: Eleri CardozoDissertação (mestrado) - Universidade Estadual de Campinas, Faculdade de Engenharia Eletrica e de ComputaçãoResumo: Este trabalho apresenta uma infra-estrutura para auxílio ao desenvolvimento de software baseado em componentes para dispositivos móveis com baixo poder de processamento e armazenamento. Esta infra-estrutura baseia-se em um modelo de componentes neutro em termos de tecnologia e especificado inteiramente em UML (Unified Modeling Language). A plataforma utiliza Web Services para comunicação síncrona entre os componentes. Um Serviço de Notificação baseado em documentos XML (Extensible Markup Language) foi desenvolvido para suporte a notificação assíncrona entre componentes. Um exemplo de aplicação na área de gerência de redes ilustra as funcionalidades da infra-estruturaAbstract: This work presents an infrastructure for supporting component-based software development for mobile devices with limited resources regarding processing power and storage. This infrastructure is based on a neutral component model in terms of technology and specified entirely in UML (Unified Modeling Language). The platform employs Web Services for synchronous communication between components. A Notification Service based on XML (Extensible Markup Language) documents was developed in order to support asynchronous communication among the components. An example of application in the field of network management illustrates the functionalities of the infrastructureMestradoEngenharia de ComputaçãoMestre em Engenharia Elétric