The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
This tutorial provides developers with practical guidance for securely implementing Java Serialization. Java deserialization is a clear and present danger as its widely used both directly by applications and indirectly by Java subsystems such as RMI (Remote Method Invocation), JMX (Java Management Extension), JMS (Java Messaging System). Deserialization of untrusted streams can result in remote code...
Software assurance tools - tools that scan the source or binary code of a program to find weaknesses - are the first line of defense in assessing the security of a software project. These tools can catch flaws in a program that can affect both the correctness and safety of the code. This tutorial is relevant to anyone wanting to understand how those tools work, and learn how to use these automated...
In this work, we introduce a Deep Neural Network model for automated software categorization. The model is ableto form high-level concepts from low-level code tokens andto distinguish important features such as API calls and identifiersin order to support software categorization. Our empirical evaluationshows that DNN outperformed other machine learning approacheswith 15.9–36.4% higher accuracy in...
Video tutorials are an emerging form of documentation in software engineering and can efficiently provide developers with useful information needed for their daily tasks. However, to get the information they need, developers have to find the right tutorial for their task at hand. Currently, there is little information available to quickly judge whether a tutorial is relevant to a topic or helpful...
This paper briefly proposes a technique to detect energy inefficient fragments in the source code of a software system. Test cases are executed to obtain energy consumption measurements, and a statistical method, based on spectrum-basedfault localization, is introduced to relate energy consumption to the system's source code. The result of our technique is an energy ranking of source code fragments...
Feature-oriented software development (FOSD) has recently emerged as a promising approach for developing a collection of similar software products from a shared set of software assets. A well-recognized issue in FOSD is the analysis of feature interactions: cases where the integration of multiple features would alter the behavior of one or several of them. Existing approaches to detecting feature...
Refactoring restructures a program to improve itsreadability and maintainability, without changing its originalbehavior. One of the key steps in refactoring is the identification ofpotential refactoring opportunities. In this paper, we discuss therelevance of two popular refactorings "Replace Type Code withSubclass" and "Replace Type Code with State" in real world Javaapplications...
Code duplication is widely recognized as a potentially harmful code smell for the maintenance of software systems. In this demonstration, we present a tool, developed as part of the JDeodorant Eclipse plug-in, which offers cutting-edge features for the analysis and refactoring of clones found in Java projects. https://youtu.be/K xAEqIEJ-4
Most of existing research in Test-Case Prioritization uses coverage information as the input during the process of prioritization and these coverage can be classfied into two categories: static coverage and dynamic coverage. As these coverage information are collected in different ways, they have different influence on test-case prioritization. In this work, we present the first empirical study comparing...
A/B testing is the experiment strategy, which is often used on web or mobile application development. In A/B testing, a developer has to implement multiple variations of application, assign each variation to a subset of the entire user population randomly, and analyze log data to decide which variation should be used as a final product. Therefore, it is challenging to keep the application code clean...
The capability of an expert system to acquire performance similar to the human ones allows its application in various areas of knowledge. In higher education institutions one of the activities that require the knowledge of an expert and a considerable time, is the validation of academic credits analysis requested by students coming from other courses or institutions. In this context, this study aimed...
The development and delivery of secure software is a challenging task, that gets even harder when the developer tries to adhere to both application and organization-specific security requirements translated into security guidelines. These guidelines serve as best practices or recommendations that help reduce application exposure to vulnerabilities, and provide hints about the application's adherence...
While modern web development technologies enhancethe capabilities of web applications, they introduce challengesfor testers. This paper introduces, evaluates, and refinesweb mutation operators that target interaction faults in web applications. An experimental study is conducted on 11 subject webapplications using 15 web mutation operators. The effectivenessof 12 independently developed test sets...
In this paper we are proposing a proficient approach of using flat files or synthetic files as database. Realizing that there are much of disadvantages of using text file as a database, in this literature we are striving to reduce some specific hindrances with the help of regular expressions (regex). Regular expression is therefore an unbelievable powerful language which is no longer just for the...
This paper presents a web based system for remote monitoring and control of set-top boxes. The goal of the proposed system is to provide flexible control over set-top box from remote location, in order to enable test engineers, test technicians and developers to remotely access set-top box and execute different tests on it. By using the proposed system it is possible to save resources and shorten...
EvoSuite is a mature research prototype that automatically generates unit tests for Java code. This paper summarizes the results and experiences of Evo Suite's participation at the third unit testing competition at SBST 2015. An unfortunate issue of conflicting dependency versions in two out of the nine benchmark projects reduced Evo Suite's overall score to 190.6, leading to the overall second rank.
Internet code search is quite popular research area. StackOverflow allows developers to ask and answer questions about code. Previous approach to search code on StackOverflow uses tf-idf method that based on number of occurrences of words to recommend source code. This method has the disadvantage that variable or method identifiers are considered as normal words, even though identifiers are often...
Code obfuscation techniques are widely used in industry to increase protection of source code and intellectual property. The idea is that even if attackers gain hold of source code, it will be hard for them to understand what it does and how. Thus obfuscation techniques are specifically targeted at human comprehension of code. We suggest that the ideas and experience embedded in obfuscations can be...
Context: Branching and merging are common activities in large-scale software development projects. Isolated development with branching enables developers to focus their effort on their specific tasks without wasting time on the problems caused by other developers’ changes. After the completion of tasks in branches, such branches should be integrated into common branches by merging. When conflicts...
Testing and testing code are critical to maintaining modern, evolving systems. Yet generating a good set of relevant test cases that covers what is important remains a difficult task. We propose a new approach to generating test cases through the use of code search. Open source repositories have made an enormous amount of code available. These contain unit tests for a wide variety of programs where...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.