International Journal of Web Science (5 papers in press)
Creating Web Signature for Each Individual User and Its Various Applications
by Rozita Jamili Oskouei
Abstract: In this paper we describe our experiments and their results in generating a unique Web signature for students by exploring proxy server access log files for varying periods from 15 to 90 continuous days, and study its relationships with their time spent on the Internet, academic performance and participation in curricular activities. Further, we demonstrate the usage of this Web signature to identify outliers in the student community based on their different behavioral dimensions. k-means and DBSCAN clustering methods are used to identify outliers in the student community on the basis of time spent, CPI, and Signature length. Our results contradict the widely held perception that access and usage of the Internet have adverse effects on academic performance. It seems to contribute positively to academic performance. The major applications of the Web-signature are:
- Helping administrators predict the most overloaded times per day and plan for them.
- Grouping users based on the similarity of the contents of their Web-Signatures and establishing a social network between those users based on their similar behaviors. There are several benefits of creating this social network, such as:
  o Helping fresher students connect to professional and expert people who are working in similar domains and discuss problems or difficulties, especially in educational environments.
In fact, one of the main usages of the Web Signature would be creating a social network between different students all around the world, based on the similarity of their interests or behaviors on the Internet, for exchanging knowledge with each other.
Keywords: Web Signature; Access log files; Academic performance; outliers detection; Behavior mining.
Mitigation of SQL Injection Vulnerability during Development of Web Applications
by Navdeep Kaur, Parminder Kaur
Abstract: SQL Injection (SQLI) attacks are consistently proliferating across the globe. According to the Open Web Application Security Project (OWASP) Top Ten Cheat Sheet-2014, SQLI is at the top of the list of online attacks. The cause of the spread of SQLI is thought to be Unsecure Software Engineering. The software development process itself appears to look at security as an add-on to be checked and deployed towards the end of the software development lifecycle (SDLC), which leads to vulnerabilities in web applications. This paper is an attempt to integrate security during the development of web applications. The paper introduces a ground-up approach for developing SQLI-free web applications. The process by which an SQLI attack occurs is discussed with the help of a suitable example. Various security activities desired to mitigate SQLI during the Software Development Life Cycle are discussed.
Keywords: SQL Injection; SQLI; Software Security; Software Development Lifecycle; Threat Modeling; Security Requirements.
A Systematic Literature Review in Fault Analysis for IoT
by Guru Prasad Bhandari, Ratneshwer Gupta
Abstract: Internet of Things (IoT) is a system where devices, sensors, and equipment are connected to a network and can communicate data for tracking, analysis, and action. Even though IoT has drawn increasing attention and become a promising technology in all types of areas within half a decade, it also has some serious challenges in handling faults in IoT systems. Our goal is to gain insight into the current status of fault analysis of IoT as published to date. The objective of this Systematic Literature Review (SLR) is to summarize the current state of the art of fault analysis in the Internet of Things (IoT). A predefined systematic literature review method has been used, and five reputed digital libraries (SpringerLink, IEEE Xplore, ACM Digital Library, ScienceDirect, and Scopus) have been searched for research papers about faults associated with IoT. After applying inclusion and exclusion selection criteria, this systematic literature review includes 68 papers published between January 2012 and September 2017: 15 papers addressed different aspects of IoT fault, 37 addressed recovery methods for IoT-fault, and 28 research papers including 3 review-based papers addressed IoT-issues and challenges in fault handling. The findings of this systematic review further provide empirical evidence for establishing future IoT related fault research agendas.
Keywords: IoT; Faults; Security; Internet of Things; Distributed Systems; Systematic Literature Review.
Novel Boolean Functions for Generating Cryptographic Stream Ciphers
by Dheeraj Kumar Sharma, Rajoo Pandey
Abstract: In this paper, two constructions of balanced Boolean functions are reported by using powers of primitive elements of the Galois field of order 2^n. These balanced Boolean functions are useful in generating pseudorandom stream ciphers. The lower bound of the nonlinearity, which decides immunity against cryptographic attacks such as linear and correlation attacks, is calculated. The results indicate that these Boolean functions, for a small number of input variables, obtain a greater lower bound of nonlinearity in comparison to existing Boolean functions. Moreover, algebraic degree, algebraic immunity and fast algebraic immunity, which decide linear complexity and resistance to algebraic attack, are also determined, and it is observed that the proposed Boolean functions possess high algebraic degree, optimum algebraic immunity and good resistance to fast algebraic attack, which are equivalent to or better than those of other existing Boolean functions.
Keywords: Boolean function; cryptography; nonlinearity; stream ciphers; algebraic immunity; fast algebraic attack; algebraic degree; pseudorandom generator; S-Box; univariate polynomial representation.
Lack of multimedia tools in intervention support for running systems
by Malin Wik, John Sören Pettersson
Abstract: Engrafting support staff into dialogues between users and customer support systems can compensate for system design flaws. Further, such dialogues can give grounds for system development. This article surveys the levels of interactivity of user support systems, where overt or covert support agents take an active part in the communication between a customer and a system.
The main purpose is to demonstrate the prevailing lack of multimedia outputs in the tools supporting human intervention in systems with a graphical user interface (GUI). This is followed by an account of experimentation with human support engrafted in a web system that has a fuller range of GUI expression. The experiment explores the possibility of using multimedia in intervention in human-computer interaction and how such intervention can be built when it is not yet part of the augmented system.
Keywords: Multimedia tools; intervention support; running systems; engrafting support; customer support; user support systems; multimedia output; graphical user interface; GUI; web services; human-computer interaction; web science; interactive systems; Wizard of Oz; user involvement.