Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 4 of 4
Full-Text Articles in Physical Sciences and Mathematics
Right To Know, Right To Refuse: Towards Ui Perception-Based Automated Fine-Grained Permission Controls For Android Apps, Vikas Kumar Malviya, Chee Wei Leow, Ashok Kasthuri, Naing Tun Yan, Lwin Khin Shar, Lingxiao Jiang
Right To Know, Right To Refuse: Towards Ui Perception-Based Automated Fine-Grained Permission Controls For Android Apps, Vikas Kumar Malviya, Chee Wei Leow, Ashok Kasthuri, Naing Tun Yan, Lwin Khin Shar, Lingxiao Jiang
Research Collection School Of Computing and Information Systems
It is the basic right of a user to know how the permissions are used within the Android app’s scope and to refuse the app if granted permissions are used for the activities other than specified use which can amount to malicious behavior. This paper proposes an approach and a vision to automatically model the permissions necessary for Android apps from users’ perspective and enable fine-grained permission controls by users, thus facilitating users in making more well-informed and flexible permission decisions for different app functionalities, which in turn improve the security and data privacy of the App and enforce apps …
Automated Reverse Engineering Of Role-Based Access Control Policies Of Web Applications, Ha Thanh Le, Lwin Khin Shar, Domenico Bianculli, Lionel C. Briand, Cu Duy Nguyen
Automated Reverse Engineering Of Role-Based Access Control Policies Of Web Applications, Ha Thanh Le, Lwin Khin Shar, Domenico Bianculli, Lionel C. Briand, Cu Duy Nguyen
Research Collection School Of Computing and Information Systems
Access control (AC) is an important security mechanism used in software systems to restrict access to sensitive resources. Therefore, it is essential to validate the correctness of AC implementations with respect to policy specifications or intended access rights. However, in practice, AC policy specifications are often missing or poorly documented; in some cases, AC policies are hard-coded in business logic implementations. This leads to difficulties in validating the correctness of policy implementations and detecting AC defects.In this paper, we present a semi-automated framework for reverse-engineering of AC policies from Web applications. Our goal is to learn and recover role-based access …
Predictive Models In Software Engineering: Challenges And Opportunities, Yanming Yang, Xin Xia, David Lo, Tingting Bi, John C. Grundy, Xiaohu Yang
Predictive Models In Software Engineering: Challenges And Opportunities, Yanming Yang, Xin Xia, David Lo, Tingting Bi, John C. Grundy, Xiaohu Yang
Research Collection School Of Computing and Information Systems
Predictive models are one of the most important techniques that are widely applied in many areas of software engineering. There have been a large number of primary studies that apply predictive models and that present well-performed studies in various research domains, including software requirements, software design and development, testing and debugging, and software maintenance. This article is a first attempt to systematically organize knowledge in this area by surveying a body of 421 papers on predictive models published between 2009 and 2020. We describe the key models and approaches used, classify the different models, summarize the range of key application …
A Survey On Deep Learning For Software Engineering, Yanming Yang, Xin Xia, David Lo
A Survey On Deep Learning For Software Engineering, Yanming Yang, Xin Xia, David Lo
Research Collection School Of Computing and Information Systems
In 2006, Geoffrey Hinton proposed the concept of training "Deep Neural Networks (DNNs)" and an improved model training method to break the bottleneck of neural network development. More recently, the introduction of AlphaGo in 2016 demonstrated the powerful learning ability of deep learning and its enormous potential. Deep learning has been increasingly used to develop state-of-the-art software engineering (SE) research tools due to its ability to boost performance for various SE tasks. There are many factors, e.g., deep learning model selection, internal structure differences, and model optimization techniques, that may have an impact on the performance of DNNs applied in …