A5029374447- Security and Verification in Computing
- Web Application Security Vulnerabilities
- Software System Performance and Reliability
- Advanced Malware Detection Techniques
- Advanced Software Engineering Methodologies
- Distributed systems and fault tolerance
- Industrial Vision Systems and Defect Detection
- Engineering and Test Systems
- Real-Time Systems Scheduling
- Cloud Computing and Resource Management
- Software Testing and Debugging Techniques
Charles University
2014-2020
Many decisions taken during software development impact the resulting application performance. The key whose potential is large are usually carefully weighed. In contrast, same care not used for many individual likely to be small -- simply because costs would outweigh benefits. Developer opinion common deciding factor these cases, and our goal provide developer with information that help form such opinion, thus preventing performance loss due accumulated effect of poor decisions.
The tutorial aims at practitioners - researchers or developers who need to execute small scale performance experiments in Java. goal is provide the attendees with a compact overview of some issues that can hinder experiment mislead evaluation, and discuss methods tools help avoid such issues. will examine multiple elements software execution stack impact performance, including common virtual machine mechanisms (just-in-time compilation garbage collection together associated runtime...
JSPChecker is a static analysis tool that detects context-sensitive cross-site scripting vulnerabilities in legacy web applications. While flaws can be mitigated through sanitisation, process removes dangerous characters from input values, proper sanitisation requires knowledge about the output context of values. Indeed, pages are built using mix different languages (e.g. HTML, CSS, JavaScript and others) call for routines. Context-sensitive occur when there mismatch between routines contexts.
Middleware performance models are useful building blocks in the of distributed software applications. We focus on messaging middleware implementing Java Message Service standard, showing how certain system design properties -- including pipelined processing and message coalescing interact to create behavior that existing do not capture accurately. construct a model ActiveMQ addresses outlined issues discuss approach extends other implementations.
Cross-site scripting (XSS) flaws are a class of security that permit the injection malicious code into web application. In simple situations, these can be caused by missing input sanitizations. Sometimes, however, all application inputs sanitized, but sanitizations not appropriate for browser contexts sanitized values. Using an incorrect sanitizer make look protected, when it is in fact vulnerable as if no sanitization was used, creating context-sensitive XSS flaw. To discover flaws, we...
Cross site scripting (XSS) is a type of security vulnerability that permits injecting malicious code into the client side web application. In simplest situations, XSS vulnerabilities arise when application includes user input in output without due sanitization. Such simple can be detected fairly reliably with blackbox scanners, which inject payload sensitive parts HTTP requests and look for reflected values output. Contemporary scanners are not effective against stored vulnerabilities, where...