Filters








27 Hits in 4.3 sec

EventHandler-Based Analysis Framework for Web Apps Using Dynamically Collected States [chapter]

Joonyoung Park, Kwangwon Sun, Sukyoung Ryu
2018 Lecture Notes in Computer Science  
In this paper, we propose a novel EventHandler (EH )-based static analysis for web apps using dynamically collected state information.  ...  Unlike traditional whole-program analyses, the EH -based analysis intentionally analyzes partial execution flows using concrete user events.  ...  In this paper, we propose a novel EventHandler -based ( EH-based) static analysis for web apps using dynamically collected state information. First, we present a new analysis unit, an EH .  ... 
doi:10.1007/978-3-319-89363-1_8 fatcat:kwndxuyplzdjvjbrq5ii64w4sa

Eclipse-IT 2013: Proceedings of VIII Workshop of the Italian Eclipse Community [article]

Elvinia Riccobene
2013 arXiv   pre-print
frameworks, tools and runtimes for building, deploying and managing software.  ...  Around Eclipse, an international live community continuously works on improving the framework and on promoting the use of Eclipse. That happens also in Italy.  ...  Currently we use it in conjunction with the following state-of-art development tools: Maven (for project management), FindBugs (for code analysis), Spring Tool Suite (to work with Spring Framework),  ... 
arXiv:1310.2464v1 fatcat:m536dwffsndhbl2mi3tqfmq7uu

Sensitive Information Tracking in Commodity IoT [article]

Z. Berkay Celik, Leonardo Babun, Amit K. Sikder, Hidayet Aksu, Gang Tan, Patrick McDaniel, A. Selcuk Uluagac
2018 arXiv   pre-print
Through this effort, we introduce a rigorously grounded framework for evaluating the use of sensitive information in IoT apps---and therein provide developers, markets, and consumers a means of identifying  ...  In this paper, we present SainT, a static taint analysis tool for IoT applications.  ...  This work is also partially supported by the US National Science Foundation (Awards: NSF-CAREER-CNS-1453647, NSF-1663051) and Florida Center for Cybersecurity (FC2)'s Capacity Building Program (Award#:  ... 
arXiv:1802.08307v1 fatcat:uc55f2yqr5bpxjmkwkio64xahq

R-Droid

Michael Backes, Sven Bugiel, Erik Derr, Sebastian Gerling, Christian Hammer
2016 Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security - ASIA CCS '16  
Building on top of precise application lifecycle models, we employ a slicing-based analysis to generate data-dependent statements for arbitrary points of interest in an application.  ...  Moreover, by re-targeting strings, our approach enables automatic assessments for a larger number of use-cases than prior work.  ...  Acknowledgments This work was supported by the German Federal Ministry for Education and Research (BMBF) under project VFIT (16KIS0345) through funding for the Center for IT-Security, Privacy and Accountability  ... 
doi:10.1145/2897845.2897927 dblp:conf/ccs/0001BDG016 fatcat:7ipbrrg4jncfhd6rur2bfybpyq

A Mutation Framework for Evaluating Security Analysis tools in IoT Applications [article]

Manar H. Alalfi, Sajeda Parveen, Bara Nazzal
2021 arXiv   pre-print
To the best of our knowledge, our framework is the first framework to address the need for evaluating taint-flow analysis tools and specifically those developed for IoT SmartThings applications.  ...  To ensure information security, we require better security analysis tools for IoT applications.  ...  The framework can be used to accurately measure the recall and precision of taint flow analysis tools for IoT apps.  ... 
arXiv:2110.05562v1 fatcat:g7epw34mvjb25dasqhzbk4chve

Behavior model construction for client side of modern web applications

Weiwei Wang, Junxia Guo, Zheng Li, Ruilian Zhao
2021 Tsinghua Science and Technology  
Therefore, in this paper, to appropriately describe the dynamic behavior of the client side of Web applications, we define a novel Client-side Behavior Model (CBM) for Web applications and present a user  ...  behavior trace-based modeling method to automatically generate and optimize CBMs.  ...  [20, 38] described a technique for crawling Ajax-based applications through automatic dynamic analysis of user interface state changes in Web browsers. Mirshokraie et al.  ... 
doi:10.26599/tst.2019.9010043 fatcat:6qzmb4viizhazm36ahxu37zipq

Literature Review to Collect Conceptual Variables of Scenario Methods for Establishing a Conceptual Scenario Framework [article]

Young-Min Baek
2022 arXiv   pre-print
However, despite the widespread use of scenarios, there have been several challenges for engineers to more willingly utilize scenario-based engineering approaches (i.e., scenario methods) in their projects  ...  The results showed that our conceptual model and its constituent scenario variables adequately support the understanding of a scenario method and provide a means for comparative analysis between different  ...  In the survey, initial raw publications were first collected using the most well-known search engines in the engineering and science fields, Scopus and Web of Science (WoS).  ... 
arXiv:2205.08290v1 fatcat:vq5tl43dqffxro75gm2dhven5u

A self-adaptive context processing framework for wireless sensor networks

Amirhosein Taherkordi, Romain Rouvoy, Quan Le-Trung, Frank Eliassen
2008 Proceedings of the 3rd international workshop on Middleware for sensor networks - MidSens '08  
[11] propose a SOAP-based Web services, called Tiny web services, for WSNs.  ...  To this end, the Web Services framework proposes several important guidelines for efficient use of TCP/IP and web services on sensor networks, including the use of persistent TCP connections, disabling  ...  and distributed for the use of both homogenous and heterogeneous systems.  ... 
doi:10.1145/1462698.1462700 dblp:conf/middleware/TaherkordiRTE08 fatcat:nkkejin3iregzle5jlrsppm3c4

Predicting sensitive information leakage in IoT applications using flows-aware machine learning approach [article]

Hajra Naeem, Manar H. Alalfi
2022 arXiv   pre-print
The approach focuses on a category of vulnerabilities that leads to sensitive information leakage which can be identified by using taint flow analysis.  ...  When compared to a base Bag of Words (BoW) approach, the experiments show that the proposed approach has improved the AUC of the prediction models for all algorithms and the best case for Corpus1 dataset  ...  The framework produces around 18 different versions (mutants) for each SmartApp from the base benign Dataset.  ... 
arXiv:2201.02677v1 fatcat:cd5k6dlmjjgohoasv6hsvqwqve

Rethinking the library OS from the top down

Donald E. Porter, Silas Boyd-Wickizer, Jon Howell, Reuben Olinsky, Galen C. Hunt
2011 SIGARCH Computer Architecture News  
We also show that our library OS can address many of the current uses of hardware virtual machines at a fraction of the overheads.  ...  Tools for collecting filesystem and registry changes are well understood and deployed with products such as Microsoft Application Virtualization (App-V) and VMWare ThinApp [37] .  ...  We used static analysis on the application binaries to roughly approximate the required set of API DLLs, and then refined the set with dynamic instrumentation by monitoring DLL load operations issued during  ... 
doi:10.1145/1961295.1950399 fatcat:npjo7yw4uvawjayxmutr7appty

Rethinking the library OS from the top down

Donald E. Porter, Silas Boyd-Wickizer, Jon Howell, Reuben Olinsky, Galen C. Hunt
2011 Proceedings of the sixteenth international conference on Architectural support for programming languages and operating systems - ASPLOS '11  
We also show that our library OS can address many of the current uses of hardware virtual machines at a fraction of the overheads.  ...  Tools for collecting filesystem and registry changes are well understood and deployed with products such as Microsoft Application Virtualization (App-V) and VMWare ThinApp [37] .  ...  We used static analysis on the application binaries to roughly approximate the required set of API DLLs, and then refined the set with dynamic instrumentation by monitoring DLL load operations issued during  ... 
doi:10.1145/1950365.1950399 dblp:conf/asplos/PorterBHOH11 fatcat:jrx2kxnwkzhejgribshbgvs6t4

Constrained Wiki: The WikiWay to Validating Content

Angelo Di Iorio, Francesco Draicchio, Fabio Vitali, Stefano Zacchiroli
2012 Advances in Human-Computer Interaction  
Constrained wikis is our generic framework for wikis to implement validators of community-specific constraints and conventions that preserve the WikiWay and their open collaboration features.  ...  modules or external services) used in a nonintrusive way.  ...  Suffice it to mention the Google Apps framework, (http:// www.google.com/apps/) a rich set of web-based tools for personal use, companies, and educational institutions.  ... 
doi:10.1155/2012/893575 fatcat:q6cspqkec5hkbdhrnclzuoasuu

Process Integration [chapter]

Lachlan Aldred
2009 Modern Business Process Automation  
i Dedicated to my wife Thongkham Aldred for her patience, and to my daughter Monikha Aldred for her interest in all things scientific. ii iii Abstract Technologies and languages for integrated processes  ...  While BPM systems increased ease of use (modelling convenience), long-standing and complex interactions involving many process instances remained difficult to model.  ...  This chapter presents a framework for understanding integration coupling. That framework can be used to assess middleware capabilities, and No.  ... 
doi:10.1007/978-3-642-03121-2_19 fatcat:4m7pco7va5awtpoia2fb7b3qau

Fear and Logging in the Internet of Things

Qi Wang, Wajih Ul Hassan, Adam Bates, Carl Gunter
2018 Proceedings 2018 Network and Distributed System Security Symposium   unpublished
root cause (e.g., a malicious app).  ...  We prototype ProvThings for the Samsung SmartThings platform, and benchmark the efficacy of our approach against a corpus of 26 IoT attacks.  ...  ACKNOWLEDGEMENTS We thank our shepherd Aziz Mohaisen and the anonymous reviewers for their comments and suggestions.  ... 
doi:10.14722/ndss.2018.23282 fatcat:bugih7tctrggnpwlcnkdbvanwa

Cascadia

Evan Welbourne, Nodira Khoussainova, Julie Letchner, Yang Li, Magdalena Balazinska, Gaetano Borriello, Dan Suciu
2008 Proceeding of the 6th international conference on Mobile systems, applications, and services - MobiSys '08  
Third, it automatically detects the specified events, forwards them to registered applications and stores them for later use (e.g., for historical queries).  ...  First, it allows application developers and even users to specify events using either a declarative query language or an intuitive visual language based on direct manipulation.  ...  ACKNOWLEDGEMENTS We would like to thank the anonymous reviewers for their helpful comments on early drafts of this paper.  ... 
doi:10.1145/1378600.1378631 dblp:conf/mobisys/WelbourneKLLBBS08 fatcat:ls2grwzm6nc6xgqsl7rtxau2ne
« Previous Showing results 1 — 15 out of 27 results