The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
In most cases, web applications communicate with web services (SOAP and RESTful). The former act as a front-end to the latter, which contain the business logic. A hacker might not have direct access to those web services (e.g., they are not on public networks), but can still provide malicious inputs to the web application, thus potentially compromising related services. Typical examples are XML injection...
Security testing is a pivotal activity in engineering secure software. It consists of two phases: generating attack inputs to test the system, and assessing whether test executions expose any vulnerabilities. The latter phase is known as the security oracle problem. In this work, we present SOFIA, a Security Oracle for SQL-Injection Vulnerabilities. SOFIA is programming-language and source-code independent,...
A grand challenge in knowledge representation is building the intelligent systems for Science Technology Engineering and Math (STEM) Education. In math education, the intelligent problem solver (IPS) must have sufficient knowledge to solve problems automatically, and their solutions are natural, step-by-step and can be understand by the learners. Besides that, Solid geometry is a hardly subject of...
Web application firewalls are an indispensable layer to protect online systems from attacks. However, the fast pace at which new kinds of attacks appear and their sophistication require that firewalls be updated and tested regularly as otherwise they will be circumvented. In this paper, we focus our research on web application firewalls and SQL injection attacks. We present a machine learning-based...
Though customer databases are so important, they can be sold under 95/46/EC and Data Protection Act law. This is a potential business. However, this business are encountering a big problem that purchaser wants to illegally distribute his database. We call them attacker. Attacker can use many schemes such as attribute, collusion and complimentary attack to achieve his goal. We have improved the technique...
Wireless Sensor Networks (WSNs) become more and more popular nowadays. They are applied not only in civilian but also in military. However, when having numerous data, we have to preserve them secretly and can acknowledge which information we need. In this paper, while keeping data privacy, we focus on four queries: value query, range query, outlier query and hot items. Moreover, we can identify outlier...
Web services evolve frequently to meet new business demands and opportunities. However, service changes may affect service compositions that are currently consuming the services. Hence, audit testing (a form of regression testing in charge of checking for compatibility issues) is needed. As service compositions are often in continuous operation and the external services have limited (expensive) access...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.