Open Access. Powered by Scholars. Published by Universities.®

Computer Sciences Commons

Articles 31 - 43 of 43

Full-Text Articles in Computer Sciences

An Empirical Assessment Of Bellon's Clone Benchmark, Alan Charpentier, Jean-Rémy Falleri, David Lo, Laurent Reveillere Apr 2015

Research Collection School Of Computing and Information Systems

Context: Clone benchmarks are essential to the assessment and improvement of clone detection tools and algorithms. Among existing benchmarks, Bellon's benchmark is widely used by the research community. However, a serious threat to the validity of this benchmark is that reference clones it contains have been manually validated by Bellon alone. Other persons may disagree with Bellon's judgment. Objective: In this paper, we perform an empirical assessment of Bellon's benchmark. Method: We seek the opinion of eighteen participants on a subset of Bellon's benchmark to determine if researchers should trust the reference clones it contains. Results: Our experiment shows that …


To What Extent Could We Detect Field Defects? An Extended Empirical Study Of False Negatives In Static Bug Finding Tools, Ferdian Thung, Lucia Lucia, David Lo, Lingxiao Jiang, Foyzur Rahman, Premkumar Devanbu Sep 2014

Research Collection School Of Computing and Information Systems

Software defects can cause much loss. Static bug-finding tools are designed to detect and remove software defects and are believed to be effective. However, do such tools in fact help prevent actual defects that occur in the field and are reported by users? If these tools had been used, would they have detected these field defects, and generated warnings that would direct programmers to fix them? To answer these questions, we perform an empirical study that investigates the effectiveness of five state-of-the-art static bug-finding tools (FindBugs, JLint, PMD, CheckStyle, and JCSC) on hundreds of reported and fixed defects extracted from three open …


An Empirical Study Of Adoption Of Software Testing In Open Source Projects, Pavneet Singh Kochhar, Tegawende F. Bissyande, David Lo, Lingxiao Jiang Jun 2014

David LO

In software engineering, testing is a crucial activity that is designed to ensure the quality of program code. For this activity, software teams spend substantial resources constructing test cases to thoroughly assess the correctness of software functionality. What is the proportion of open source projects that include test cases? What is the effect of number of developers on the number of test cases? In this study, we explore open source projects and investigate the correlation between the presence of test cases and various project development characteristics, including the number of lines of code, the size of development teams and the …


A Conceptual Framework For Measuring The Quality Aspect Of Mobile Learning, Luiz Fernando Capretz, Abdalha Ali, Abdelkader Ouda Jan 2014

Luiz Fernando Capretz

With the continuing growth of mobile phones outpacing that of desktops and laptops, mobile phones are the new personal computer. These devices started becoming increasingly sophisticated and extremely powerful. In addition to making phone calls, they have the capability to perform a variety of functions, one of the most important being their use as a classroom tool. However, mobile phone applications must be designed and developed with respect to different technology skills, learning capabilities and language proficiency in order to be accepted by wide audiences (e.g., students, instructors). However, there is much work that has been done to measure the quality of …


Missing Requirements Information And Its Impact On Software Architectures: A Case Study, Md Rounok Salehin Dec 2013

Electronic Thesis and Dissertation Repository

[Context & motivation] In the development of large, software-intensive systems, the system’s requirements are seldom, if ever, concluded upon prior to commencing with systems architecture. Research shows that, in order to manage development and domain complexities, instances of requirements engineering (RE) and systems architecting (SA) processes tend to inter-weave. [Question/problem] However, missing requirements information can cause one to create (or recreate) the needed information during different SA activities. While backtracking in the software development process is known to be costly, the costs associated with missing requirements in the SA process have not been investigated empirically. [Principal ideas/results] We …


An Empirical Study Of Adoption Of Software Testing In Open Source Projects, Pavneet Singh Kochhar, Tegawende F. Bissyande, David Lo, Lingxiao Jiang Jul 2013

Research Collection School Of Computing and Information Systems

In software engineering, testing is a crucial activity that is designed to ensure the quality of program code. For this activity, software teams spend substantial resources constructing test cases to thoroughly assess the correctness of software functionality. What is the proportion of open source projects that include test cases? What is the effect of number of developers on the number of test cases? In this study, we explore open source projects and investigate the correlation between the presence of test cases and various project development characteristics, including the number of lines of code, the size of development teams and the …


Maps Of Lessons Learnt In Requirements Engineering, Ibtehal Noorwali Jun 2013

Electronic Thesis and Dissertation Repository

Both researchers and practitioners have emphasized the importance of learning from past experiences and its consequential impact on project time, cost, and quality. However, from the survey we conducted of requirements engineering (RE) practitioners, over 70% of the respondents stated that they seldom use RE lessons in the RE process, though 85% of these would use such lessons if readily available. Our observation, however, is that RE lessons are scattered, mainly implicitly, in the literature and practice, which obviously, does not help the situation. We, therefore, present “maps” of RE lessons which would highlight weak (dark) and strong (bright) areas …


Mining Sql Injection And Cross Site Scripting Vulnerabilities Using Hybrid Program Analysis, Lwin Khin Shar, Hee Beng Kuan Tan, Lionel C. Briand May 2013

Research Collection School Of Computing and Information Systems

In previous work, we proposed a set of static attributes that characterize input validation and input sanitization code patterns. We showed that some of the proposed static attributes are significant predictors of SQL injection and cross site scripting vulnerabilities. Static attributes have the advantage of reflecting general properties of a program. Yet, dynamic attributes collected from execution traces may reflect more specific code characteristics that are complementary to static attributes. Hence, to improve our initial work, in this paper, we propose the use of dynamic attributes to complement static attributes in vulnerability prediction. Furthermore, since existing work relies on supervised …


Adoption Of Software Testing In Open Source Projects: A Preliminary Study On 50,000 Projects, Pavneet Singh Kochhar, Tegawende F. Bissyande, David Lo, Lingxiao Jiang Apr 2013

David LO

In software engineering, testing is a crucial activity that is designed to ensure the quality of program code. For this activity, development teams spend substantial resources constructing test cases to thoroughly assess the correctness of software functionality. What is however the proportion of open source projects that include test cases? What kind of projects are more likely to include test cases? In this study, we explore 50,000 projects and investigate the correlation between the presence of test cases and various project development characteristics, including the lines of code and the size of development teams.


Predicting Sql Injection And Cross Site Scripting Vulnerabilities Through Mining Input Sanitization Patterns, Lwin Khin Shar, Hee Beng Kuan Tan Apr 2013

Research Collection School Of Computing and Information Systems

Context: SQL injection (SQLI) and cross site scripting (XSS) are the two most common and serious web application vulnerabilities for the past decade. To mitigate these two security threats, many vulnerability detection approaches based on static and dynamic taint analysis techniques have been proposed. Alternatively, there are also vulnerability prediction approaches based on machine learning techniques, which showed that static code attributes such as code complexity measures are cheap and useful predictors. However, current prediction approaches target general vulnerabilities. And most of these approaches locate vulnerable code only at software component or file levels. Some approaches also involve process attributes that …


Adoption Of Software Testing In Open Source Projects: A Preliminary Study On 50,000 Projects, Pavneet Singh Kochhar, Tegawende F. Bissyande, David Lo, Lingxiao Jiang Mar 2013

Research Collection School Of Computing and Information Systems

In software engineering, testing is a crucial activity that is designed to ensure the quality of program code. For this activity, development teams spend substantial resources constructing test cases to thoroughly assess the correctness of software functionality. What is however the proportion of open source projects that include test cases? What kind of projects are more likely to include test cases? In this study, we explore 50,000 projects and investigate the correlation between the presence of test cases and various project development characteristics, including the lines of code and the size of development teams.


A Conceptual Framework For Measuring The Quality Aspect Of Mobile Learning, Luiz Fernando Capretz, Abdalha Ali, Abdelkader Ouda Oct 2012

Electrical and Computer Engineering Publications

With the continuing growth of mobile phones outpacing that of desktops and laptops, mobile phones are the new personal computer. These devices started becoming increasingly sophisticated and extremely powerful. In addition to making phone calls, they have the capability to perform a variety of functions, one of the most important being their use as a classroom tool. However, mobile phone applications must be designed and developed with respect to different technology skills, learning capabilities and language proficiency in order to be accepted by wide audiences (e.g., students, instructors). However, there is much work that has been done to measure the quality of …


Predicting Common Web Application Vulnerabilities From Input Validation And Sanitization Code Patterns, Lwin Khin Shar, Hee Beng Kuan Tan Sep 2012

Research Collection School Of Computing and Information Systems

Software defect prediction studies have shown that defect predictors built from static code attributes are useful and effective. On the other hand, to mitigate the threats posed by common web application vulnerabilities, many vulnerability detection approaches have been proposed. However, finding alternative solutions to address these risks remains an important research problem. As web applications generally adopt input validation and sanitization routines to prevent web security risks, in this paper, we propose a set of static code attributes that represent the characteristics of these routines for predicting the two most common web application vulnerabilities—SQL injection and cross site scripting. In …