Computer Sciences Commons^™

The Moral Implications Of Software Piracy, Kyle Hamrick

Student Scholarship – Computer Science

Computer software is integrated into almost every aspect of our professional and personal lives. Much of this software requires payment for use and is legally protected by the copyright system. This paper examines and analyzes the arguments pertaining to the moral use of protected software (digital piracy). The three arguments presented are the “victimless crime” argument, the “noble justification” argument, and the “willing but unable argument.” These three arguments claim that piracy is morally justified in certain cases, and claim that software providers are not harmed in such situations. The three arguments are tested against counter-arguments, and it is discovered …

Analysis Of 3d Cone-Beam Ct Image Reconstruction Performance On A Fpga, Devin Held

Electronic Thesis and Dissertation Repository

Efficient and accurate tomographic image reconstruction has been an intensive topic of research due to the increasing everyday usage in areas such as radiology, biology, and materials science. Computed tomography (CT) scans are used to analyze internal structures through capture of x-ray images. Cone-beam CT scans project a cone-shaped x-ray to capture 2D image data from a single focal point, rotating around the object. CT scans are prone to multiple artifacts, including motion blur, streaks, and pixel irregularities, therefore must be run through image reconstruction software to reduce visual artifacts. The most common algorithm used is the Feldkamp, Davis, and …

Regulatory Compliance-Oriented Impediments And Associated Effort Estimation Metrics In Requirements Engineering For Contractual Systems Engineering Projects, Md Rashed I. Nekvi

Electronic Thesis and Dissertation Repository

Large-scale contractual systems engineering projects often need to comply with a myriad of government regulations and standards as part of contractual fulfillment. A key activity in the requirements engineering (RE) process for such a project is to elicit appropriate requirements from the regulations and standards that apply to the target system. However, there are impediments in achieving compliance due to such factors as: the voluminous contract and its high-level specifications, large number of regulatory documents, and multiple domains of the system. Little empirical research has been conducted on developing a shared understanding of the compliance-oriented complexities involved in such projects, …

Android Drone: Remote Quadcopter Control With A Phone, Aubrey John Russell

Computer Engineering

The purpose of the “Android Drone” project was to create a quadcopter that can be controlled by user input sent over the phone’s Wi-Fi connection or 4G internet connection. Furthermore, the purpose was also to be able to receive live video feedback over the internet connection, thus making the drone an inexpensive option compared to other, equivalent drones that might cost thousands of dollars. Not only that, but the Android phone also has a host of other useful features that could be utilized by the drone: this includes GPS, pathing, picture taking, data storage, networking and TCP/IP, a Java software …

Implementation And Testing Of A Book Lookup System For The Robert E. Kennedy Library, Casey C. Sheehan

Computer Science and Software Engineering

The goal of this senior project centered around improving the quality of student and teacher experiences when visiting the library. The task of finding a book amongst the shelves is an arduous one, which I felt could be improved upon through implementation and testing of a Book Lookup system for the Cal Poly Robert E. Kennedy Library. Development for this project was done using a Python framework. Testing and earlier designs were also created using JavaScript and PHP. Repeated tests were conducted on the accuracy of the software and its ability to decrease user search-time when compared to conventional methods.

Ios Application For Inventory In Small Retail Stores, Andrea Savage

Computer Science and Software Engineering

Currently, small retail stores with low technology budgets such as those right here in San Luis Obispo are struggling to integrate new technologies into their companies. This mobile application built for iOS with a Firebase backend is seeking to remove their barriers to entry. I built this application to give small retail stores a customizable application that allows them to display products electronically to customers and maintain accurate inventory both in one place. The construction of this application hinged around three major design decisions: UI design of the color management views, organization of the database, and accessing the database with …

Microstructural Analysis Of Thermoelastic Response, Nonlinear Creep, And Pervasive Cracking In Heterogeneous Materials, Alden C. Cook

Electronic Theses and Dissertations

This dissertation is concerned with the development of robust numerical solution procedures for the generalized micromechanical analysis of linear and nonlinear constitutive behavior in heterogeneous materials. Although the methods developed are applicable in many engineering, geological, and materials science fields, three main areas are explored in this work. First, a numerical methodology is presented for the thermomechanical analysis of heterogeneous materials with a special focus on real polycrystalline microstructures obtained using electron backscatter diffraction techniques. Asymptotic expansion homogenization and finite element analysis are employed for micromechanical analysis of polycrystalline materials. Effective thermoelastic properties of polycrystalline materials are determined and compared …

Teaching Android Security Through Examples: A Publicly Available Database Of Vulnerable Apps, Daniel E. Krutz, Samuel A. Malachowsky

Articles

Security is hard, and teaching security can be even harder. Here we describe a public educational activity to assist in the instruction of both students and developers in creating secure Android apps. Our set of activities includes example vulnerable applications, information about each vulnerability, steps on how to repair the vulnerabilities, and information about how to confirm that the vulnerability has been properly repaired. Our primary goal is to make these activities available to other instructors for use in their classrooms ranging from the K-12 to university settings. A secondary goal of this project is to foster interest in security …

Just In Time Assembly (Jita) - A Run Time Interpretation Approach For Achieving Productivity Of Creating Custom Accelerators In Fpgas, Sen Ma

Graduate Theses and Dissertations

The reconfigurable computing community has yet to be successful in allowing programmers to access FPGAs through traditional software development flows. Existing barriers that prevent programmers from using FPGAs include: 1) knowledge of hardware programming models, 2) the need to work within the vendor specific CAD tools and hardware synthesis. This thesis presents a series of published papers that explore different aspects of a new approach being developed to remove the barriers and enable programmers to compile accelerators on next generation reconfigurable manycore architectures. The approach is entitled Just In Time Assembly (JITA) of hardware accelerators. The approach has been defined …

Metroeye: Smart Tracking Your Metro Rips Underground, Weixi Gu, Ming Jin, Zimu Zhou, Costas J. Spanos, Lin Zhang

Research Collection School Of Computing and Information Systems

Metro has become the first choice of traveling for tourists and citizens in metropolis due to its efficiency and convenience. Yet passengers have to rely on metro broadcasts to know their locations because popular localization services (e.g. GPS and wireless localization technologies) are often inaccessible underground. To this end, we propose MetroEye, an intelligent smartphone-based tracking system for metro passengers underground. MetroEye leverages low-power sensors embedded in modern smartphones to record ambient contextual features, and infers the state of passengers (Stop, Running, and Interchange) during an entire metro trip using a Conditional Random Field (CRF) model. MetroEye further provides arrival …

Security Testing With Misuse Case Modeling, Samer Yousef Khamaiseh

Boise State University Theses and Dissertations

Having a comprehensive model of security requirements is a crucial step towards developing a reliable software system. An effective model of security requirements which describes the possible scenarios that may affect the security aspects of the system under development can be an effective approach for subsequent use in generating security test cases.

Misuse case was first proposed by Sinder and Opdahl as an approach to extract the security requirements of the system under development [1]. A misuse case is a use case representing scenarios that might be followed by a system adversary in order to compromise the system; that is …

Semeo: A Semantic Equivalence Analysis Framework For Obfuscated Android Applications, Zhen Hu

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

Software repackaging is a common approach for creating malware. In this approach, malware authors inject malicious payloads into legitimate applications; then, to ren- der security analysis more difficult, they obfuscate most or all of the code. This forces analysts to spend a large amount of effort filtering out benign obfuscated methods in order to locate potentially malicious methods for further analysis. If an effective mechanism for filtering out benign obfuscated methods were available, the number of methods that must be analyzed could be reduced, allowing analysts to be more productive. In this thesis, we introduce SEMEO, a highly effective and …

Using Software Testing Techniques To Infer Biological Models, Mikaela Cashman

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

Years of research in software testing has given us novel ways to reason about and test the behavior of complex software systems that contain hundreds of thousands of lines of code. Many of these techniques have been inspired by nature such as genetic algorithms, swarm intelligence, and ant colony optimization. However, they use a unidirectional analogy – taking from nature without giving back.

In this thesis we invert this view and ask if we can utilize techniques from testing and modeling of highly-configurable software systems to aid in the emerging field of systems biology which aims to model and predict …

Demystifying And Puncturing The Inflated Delay In Smartphone-Based Wifi Network Measurement, Weichao Li, Daoyuan Wu, Rocky K. C. Chang, Ricky K. P. Mok

Research Collection School Of Computing and Information Systems

Using network measurement apps has become a very effective approach to crowdsourcing WiFi network performance data. However, these apps usually measure the user-level performancemetrics instead of the network-level performance which is important for diagnosing performance problems. In this paper we report for the first time that a major source of measurement noises comes from the periodical SDIO (Secure Digital Input Output) bus sleep inside the phone. The additional latency introduced by SDIO and Power Saving Mode can inflate and unstablize network delay measurement significantly. We carefully design and implement a scheme to wake up the phone for delay measurement by …

D-Watch: Embracing "Bad" Multipaths For Device-Free Localization With Cots Rfid Devices, Ju Wang, Jie Xiong, Hongbo Jiang, Xiaojiang Chen, Dingyi Fang

Research Collection School Of Computing and Information Systems

Device-free localization, which does not require any device attached to the target is playing a critical role in many applications such as intrusion detection, elderly monitoring, etc. This paper introduces D-Watch, a device-free system built on top of low cost commodity-off-the-shelf (COTS) RFID hardware. Unlike previous works which consider multipaths detrimental, D-Watch leverages the "bad" multipaths to provide a decimeter level localization accuracy without offline training. D-Watch harnesses the angle-of-arrival (AoA) information from the RFID tags' backscatter signals. The key intuition is that whenever a target blocks a signal's propagation path, the signal power experiences a drop which can be …

Careermapper: An Automated Resume Evaluation Tool, Vivian Lai, Kyong Jin Shim, Richard J. Oentaryo, Philips K. Prasetyo, Casey Vu, Ee-Peng Lim, David Lo

Research Collection School Of Computing and Information Systems

The advent of the Web brought about major changes in the way people search for jobs and companies look for suitable candidates. As more employers and recruitment firms turn to the Web for job candidate search, an increasing number of people turn to the Web for uploading and creating their online resumes. Resumes are often the first source of information about candidates and also the first item of evaluation in candidate selection. Thus, it is imperative that resumes are complete, free of errors and well-organized. We present an automated resume evaluation tool called 'CareerMapper'. Our tool is designed to conduct …

Collective Personalized Change Classification With Multiobjective Search, Xin Xia, David Lo, Xinyu Wang, Xiaohu Yang

Research Collection School Of Computing and Information Systems

Many change classification techniques have been proposed to identify defect-prone changes. These techniques consider all developers' historical change data to build a global prediction model. In practice, since developers have their own coding preferences and behavioral patterns, which causes different defect patterns, a separate change classification model for each developer can help to improve performance. Jiang, Tan, and Kim refer to this problem as personalized change classification, and they propose PCC+ to solve this problem. A software project has a number of developers; for a developer, building a prediction model not only based on his/her change data, but also on …

Context-Sensitive Auto-Sanitization For Php, Jared M. Smith, Richard J. Connor, David P. Cunningham, Kyle G. Bashour, Walter T. Work

Chancellor’s Honors Program Projects

No abstract provided.

Towards Learning And Verifying Invariants Of Cyber-Physical Systems By Code Mutation, Yuqi Chen, Christopher M. Poskitt, Jun Sun

Research Collection School Of Computing and Information Systems

Cyber-physical systems (CPS), which integrate algorithmic control with physical processes, often consist of physically distributed components communicating over a network. A malfunctioning or compromised component in such a CPS can lead to costly consequences, especially in the context of public infrastructure. In this short paper, we argue for the importance of constructing invariants (or models) of the physical behaviour exhibited by CPS, motivated by their applications to the control, monitoring, and attestation of components. To achieve this despite the inherent complexity of CPS, we propose a new technique for learning invariants that combines machine learning with ideas from mutation testing. …

Towards Learning And Verifying Invariants Of Cyber-Physical Systems By Code Mutation, Yuqi Chen, Christopher M. Poskitt, Jun Sun

Research Collection School Of Computing and Information Systems

Cyber-physical systems (CPS), which integrate algorithmic control with physical processes, often consist of physically distributed components communicating over a network. A malfunctioning or compromised component in such a CPS can lead to costly consequences, especially in the context of public infrastructure. In this short paper, we argue for the importance of constructing invariants (or models) of the physical behaviour exhibited by CPS, motivated by their applications to the control, monitoring, and attestation of components. To achieve this despite the inherent complexity of CPS, we propose a new technique for learning invariants that combines machine learning with ideas from mutation testing. …

Towards Concolic Testing For Hybrid Systems, Pingfan Kong, Yi Li, Xiaohong Chen, Jun Sun, Meng Sun, Jingyi Wang

Research Collection School Of Computing and Information Systems

Hybrid systems exhibit both continuous and discrete behavior. Analyzing hybrid systems is known to be hard. Inspired by the idea of concolic testing (of programs), we investigate whether we can combine random sampling and symbolic execution in order to effectively verify hybrid systems. We identify a sufficient condition under which such a combination is more effective than random sampling. Furthermore, we analyze different strategies of combining random sampling and symbolic execution and propose an algorithm which allows us to dynamically switch between them so as to reduce the overall cost. Our method has been implemented as a web-based checker named …

Automated Verification Of Timed Security Protocols With Clock Drift, Li Li, Jun Sun

Research Collection School Of Computing and Information Systems

Time is frequently used in security protocols to provide better security. For instance, critical credentials often have limited lifetime which improves the security against brute-force attacks. However, it is challenging to correctly use time in protocol design, due to the existence of clock drift in practice. In this work, we develop a systematic method to formally specify as well as automatically verify timed security protocols with clock drift. We first extend the previously proposed timed applied ππ -calculus as a formal specification language for timed protocols with clock drift. Then, we define its formal semantics based on timed logic rules, …

Specification And Analysis Of Resource Utilization Policies For Human-Intensive Systems, Seung Yeob Shin

Doctoral Dissertations

Contemporary systems often require the effective support of many types of resources, each governed by complex utilization policies. Sound management of these resources plays a key role in assuring that these systems achieve their key goals. To help system developers make sound resource management decisions, I provide a resource utilization policy specification and analysis framework for (1) specifying very diverse kinds of resources and their potentially complex resource utilization policies, (2) dynamically evaluating the policies’ effects on the outcomes achieved by systems utilizing the resources, and (3) formally verifying various kinds of properties of these systems. Resource utilization policies range …

Combining Static And Dynamic Analysis For Bug Detection And Program Understanding, Kaituo Li

Doctoral Dissertations

This work proposes new combinations of static and dynamic analysis for bug detection and program understanding. There are 3 related but largely independent directions: a) In the area of dynamic invariant inference, we improve the consistency of dynamically discovered invariants by taking into account second-order constraints that encode knowledge about
invariants; the second-order constraints are either supplied by the programmer or vetted by the programmer (among candidate constraints suggested automatically); b) In the area of testing dataflow (esp. map-reduce) programs, our tool, SEDGE, achieves higher testing coverage by leveraging existing
input data and generalizing them using a symbolic reasoning engine …

Rapid Deployment Indoor Localization Without Prior Human Participation, Han Xu, Zimu Zhou, Longfei Shangguan

Research Collection School Of Computing and Information Systems

In this work, we propose RAD, a RApid Deployment localization framework without human sampling. The basic idea of RAD is to automatically generate a fingerprint database through space partition, of which each cell is fingerprinted by its maximum influence APs. Based on this robust location indicator, fine-grained localization can be achieved by a discretized particle filter utilizing sensor data fusion. We devise techniques for CIVD-based field division, graph-based particle filter, EM-based individual character learning, and build a prototype that runs on commodity devices. Extensive experiments show that RAD provides a comparable performance to the state-of-the-art RSSbased methods while relieving it …

Improving Quality Of Use Case Documents Through Learning And User Interaction, Shuang Liu, Jun Sun, Hao Xiao, Bimlesh Wadhwa, Jin Song Dong, Xinyu Wang

Research Collection School Of Computing and Information Systems

Use cases are widely used to capture user requirements based on interactions between different roles in the system. They are mostly documented in natural language and sometimes aided with graphical illustrations in the form of use case diagrams. Use cases serve as an important means to communicate among stakeholders, requirement engineers and system engineers as they are easy to understand and are produced early in the software development process. Having high quality use cases are beneficial in many ways, e.g., in avoiding inconsistency/incompleteness in requirements, in guiding system design, in generating test cases. In this work, we propose an approach …

Towards Using Concurrent Java Api Correctly, Shuang Liu, Guangdong Bai, Jun Sun, Jin Song Dong

Research Collection School Of Computing and Information Systems

Concurrent Programs are hard to analyze or debug due to the complex program logic and unpredictable execution environment. In practice, ordinary programmers often adopt existing well-designed concurrency related API (e.g., those in java.util.concurrent) so as to avoid dealing with these issues. These API can however often be used incorrectly, which results in hardto-debug concurrent bugs. In this work, we propose an approach for enforcing the correct usage of concurrency-related Java API. Our idea is to annotate concurrency-related Java classes with annotations related to misuse of these API and develop lightweight type checker to detect concurrent API misuse based on the …

Neural Network Models For Software Development Effort Estimation: A Comparative Study, Ali Bou Nassif, Mohammad Azzeh, Luiz Fernando Capretz, Danny Ho

Electrical and Computer Engineering Publications

Software development effort estimation (SDEE) is one of the main tasks in software project management. It is crucial for a project manager to efficiently predict the effort or cost of a software project in a bidding process, since overestimation will lead to bidding loss and underestimation will cause the company to lose money. Several SDEE models exist; machine learning models, especially neural network models, are among the most prominent in the field. In this study, four different neural network models – Multilayer Perceptron, General Regression Neural Network, Radial Basis Function Neural Network, and Cascade Correlation Neural Network – are compared …

Game Development Software Engineering Process Life Cycle: A Systematic Review, Saiqa Alemm, Luiz Fernando Capretz, Faheem Ahmed

Electrical and Computer Engineering Publications

Software game is a kind of application that is used not only for entertainment, but also for serious purposes that can be applicable to different domains such as education, business, and health care. Multidisciplinary nature of the game development processes that combine sound, art, control systems, artificial intelligence (AI), and human factors, makes the software game development practice different from traditional software development. However, the underline software engineering techniques help game development to achieve maintainability, flexibility, lower effort and cost, and better design. The purpose of this study is to assesses the state of the art research on the game …

A Survey On Wireless Indoor Localization From The Device Perspective, Jiang Xiao, Zimu Zhou, Youwen Yi, Lionel M. Ni

Research Collection School Of Computing and Information Systems

With the marvelous development of wireless techniques and ubiquitous deployment of wireless systems indoors, myriad indoor location-based services (ILBSs) have permeated into numerous aspects of modern life. The most fundamental functionality is to pinpoint the location of the target via wireless devices. According to how wireless devices interact with the target, wireless indoor localization schemes roughly fall into two categories: device based and device free. In device-based localization, a wireless device (e.g., a smartphone) is attached to the target and computes its location through cooperation with other deployed wireless devices. In device-free localization, the target carries no wireless devices, while …