• Title/Summary/Keyword: Detecting Programming

Search Result 51, Processing Time 0.023 seconds

A Reusable SQL Injection Detection Method for Java Web Applications

  • He, Chengwan;He, Yue
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.14 no.6
    • /
    • pp.2576-2590
    • /
    • 2020
  • The fundamental reason why most SQL injection detection methods are difficult to use in practice is the low reusability of the implementation code. This paper presents a reusable SQL injection detection method for Java Web applications based on AOP (Aspect-Oriented Programming) and dynamic taint analysis, which encapsulates the dynamic taint analysis processes into different aspects and establishes aspect library to realize the large-grained reuse of the code for detecting SQL injection attacks. A metamodel of aspect library is proposed, and a management tool for the aspect library is implemented. Experiments show that this method can effectively detect 7 known types of SQL injection attack such as tautologies, logically incorrect queries, union query, piggy-backed queries, stored procedures, inference query, alternate encodings and so on, and support the large-grained reuse of the code for detecting SQL injection attacks.

An Adaptive Algorithm for Plagiarism Detection in a Controlled Program Source Set (제한된 프로그램 소스 집합에서 표절 탐색을 위한 적응적 알고리즘)

  • Ji, Jeong-Hoon;Woo, Gyun;Cho, Hwan-Gue
    • Journal of KIISE:Software and Applications
    • /
    • v.33 no.12
    • /
    • pp.1090-1102
    • /
    • 2006
  • This paper suggests a new algorithm for detecting the plagiarism among a set of source codes, constrained to be functionally equivalent, such are submitted for a programming assignment or for a programming contest problem. The typical algorithms largely exploited up to now are based on Greedy-String Tiling, which seeks for a perfect match of substrings, and analysis of similarity between strings based on the local alignment of the two strings. This paper introduces a new method for detecting the similar interval of the given programs based on an adaptive similarity matrix, each entry of which is the logarithm of the probabilities of the keywords based on the frequencies of them in the given set of programs. We experimented this method using a set of programs submitted for more than 10 real programming contests. According to the experimental results, we can find several advantages of this method compared to the previous one which uses fixed similarity matrix(+1 for match, -1 for mismatch, -2 for gap) and also can find that the adaptive similarity matrix can be used for detecting various plagiarism cases.

A Task Centered Scratch Programming Learning Program for Enhancing Learners' Problem Solving Abilities (문제해결력 향상을 위한 과제 중심 스크래치 프로그래밍 학습 프로그램)

  • Lee, EunKyoung
    • The Journal of Korean Association of Computer Education
    • /
    • v.12 no.6
    • /
    • pp.1-9
    • /
    • 2009
  • Programming learning may help to enhance learners' complex problem solving abilities. However, it may cause excessive cognitive loads for learners. Therefore, selection of programming tools and design of teaching and learning strategies to minimize the learners' cognitive loads and to maximize the learning effects. A task centered Scratch programming learning program was developed to enhance problem solving abilities of middle school students. And then, we implemented the developed program in middle school programming classes and analysed the educational effects of the developed program. We found that the developed program was helpful in enhancing learners' problem solving abilities, especially in the element of 'troubleshooting', which explains ability of error detecting and correcting.

  • PDF

A Track Scoring Function Development for Airborne Target Detection Using Dynamic Programming

  • Won, Dae-Yeon;Shim, Sang-Wook;Kim, Keum-Seong;Tahk, Min-Jea;Kim, Eung-Tai
    • International Journal of Aeronautical and Space Sciences
    • /
    • v.13 no.1
    • /
    • pp.99-105
    • /
    • 2012
  • Track-before-detect techniques based on dynamic programming have provided solutions for detecting targets from a sequence of images. In its application to airborne threat detection, dynamic programming solutions should take into account the distinguishable properties of objects in a collision course. This paper describes the development of a new track scoring function that accumulates scores for airborne targets in Bayesian framework. Numerical results show that the proposed scoring function has slightly better detection capabilities.

Generic Obstacle Detection on Roads by Dynamic Programming and Remapping of Stereo Images to a Virtual Top-View (스테레오영상의 가상의 탑뷰변환과 동적계획법에 의한 도로상의 장애물 검출)

  • Lee Ki Yong;Lee Joon Woong
    • Journal of Institute of Control, Robotics and Systems
    • /
    • v.11 no.5
    • /
    • pp.418-422
    • /
    • 2005
  • In this paper, a novel algorithm capable of detecting generic obstacles on a flat surface is proposed. The algorithm fundamentally exploits a distortion phenomena taken place in remapping process of original stereo images to a virtual top-view. Based on the distortion phenomena, we construct stereo polar histograms of edge maps, detect peaks on them, and search for matched peaks on both histograms using a Dynamic Programming (DP). Eventually, the searched corresponding peaks lead to estimate obstacles' positions. The advantages of the proposed algorithm are that it is not largely affected by an intensity difference between a pair of stereo images and does not depend on the typical stereo matching methodologies. Furthermore, the algorithm identifies the obstacles' positions quite robustly.

Stereo-Vision Based Road Slope Estimation and Free Space Detection on Road (스테레오비전 기반의 도로의 기울기 추정과 자유주행공간 검출)

  • Lee, Ki-Yong;Lee, Joon-Woong
    • Journal of Institute of Control, Robotics and Systems
    • /
    • v.17 no.3
    • /
    • pp.199-205
    • /
    • 2011
  • This paper presents an algorithm capable of detecting free space for the autonomous vehicle navigation. The algorithm consists of two main steps: 1) estimation of longitudinal profile of road, 2) detection of free space. The estimation of longitudinal profile of road is detection of v-line in v-disparity image which is corresponded to road slope, using v-disparity image and hough transform, Dijkstra algorithm. To detect free space, we detect u-line in u-disparity image which is a boundary line between free space and obstacle's region, using u-disparity image and dynamic programming. Free space is decided by detected v-line and u-line. The proposed algorithm is proven to be successful through experiments under various traffic scenarios.

A Programmable Electronic Systems Dedicated to Safety Related Applications (안전성이 요구되는 응용분야에 사용하는 프로그램 가능한 전자시스템)

  • Jeong, Sun-Gi;Wolfgang A. Halang;Coen Bron
    • The Transactions of the Korea Information Processing Society
    • /
    • v.1 no.4
    • /
    • pp.438-451
    • /
    • 1994
  • A low complexity, fault detecting computer architecture for utilisation in programmable logic controllers is designed. The cyclic operating mode of PLCs and a specification level, graphical programming paradigm based on the interconnection of application oriented standard software function modules are architecturally supported. Thus, by design, there is no semantic gap between the programming and machine execution levels enabling the safety licensing of application software by an extremely simple, but rigorous method, viz, diverse back translation.

  • PDF

A Study on Software Security Vulnerability Detection Using Coding Standard Searching Technique (코딩 표준 검색 기법을 이용한 소프트웨어 보안 취약성 검출에 관한 연구)

  • Jang, Young-Su
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.5
    • /
    • pp.973-983
    • /
    • 2019
  • The importance of information security has been increasingly emphasized at the national, organizational, and individual levels due to the widespread adoption of software applications. High-safety software, which includes embedded software, should run without errors, similar to software used in the airline and nuclear energy sectors. Software development techniques in the above sectors are now being used to improve software security in other fields. Secure coding, in particular, is a concept encompassing defensive programming and is capable of improving software security. In this paper, we propose a software security vulnerability detection method using an improved coding standard searching technique. Public static analysis tools were used to assess software security and to classify the commands that induce vulnerability. Software security can be enhanced by detecting Application Programming Interfaces (APIs) and patterns that can induce vulnerability.

A Method for Security Strengthening of Web Application using AOP (AOP를 이용한 웹 애플리케이션의 보안성 강화 방안)

  • Sun, Soo-Rim;Lee, Keum-Suck
    • Journal of the Korea Society of Computer and Information
    • /
    • v.14 no.2
    • /
    • pp.119-128
    • /
    • 2009
  • As use of web applications and web-based information systems increases, so web application attacks are increasing. Recently, XSRF(Gross Site Request Forgery) attacks among a variety of web attacks become important because victim's damage caused by such attacks can be severe. But adding security functions for preventing XSRF attacks to existing developed and running software systems could affect move dangerous and expensive to companies and organizations. We suggest effectively adding these security functions to legacy systems, could separate concerns using advantage of the modularity offered by AOP(Aspect-Oriented Programming) methodology. In this paper, we have presented approach for detecting and preventing XSRF in JEE systems using aspect of AOP.

Automated Measurement System of Carotid Artery Intima-Media Thickness based on Dynamic Programming (다이나믹 프로그래밍 기반 경동맥 내막-중막 두께 자동측정 시스템)

  • Lee, Yu-Bu;Kim, Myoung-Hee
    • Journal of the Korea Society for Simulation
    • /
    • v.16 no.1
    • /
    • pp.21-29
    • /
    • 2007
  • In this paper, we present a method of detecting the boundary of the intima-media complex for automated measurement based on dynamic programming from carotid artery B-mode ultrasound images and then show the experimental results. We apply the dynamic programming for determining the optimal locations that a cost function is minimized. The cost function includes cost terms which are representing image features such as intensity, intensity gradient and geometrical continuity of the vessel interfaces. Moreover, we improve the boundary continuity by applying the B-spline to smooth the rough boundary due to noise such as speckle, dropout and weak edges. The proposed method has obtained more accurate reproducible results than conventional edge-detection by considering multiple image features and ensures efficient automated measurement by solving the problems of the inter- and intra-observer variability and its inefficiency due to manual measurement.

  • PDF