The use of web applications has become increasingly popular in our routine activities, such as reading the news, paying bills, and shopping on-line. As availability these services grows, we are witnessing an increase number sophistication attacks that target them. In particular, SQL injection, a class code-injection which specially crafted input strings result illegal queries to database, one most serious threats applications. this paper present evaluate new technique for detecting...

Mobile app ecosystems have experienced tremendous growth in the last six years. This has triggered research on dynamic analysis of performance, security, and correctness properties mobile apps ecosystem. Exploration execution using automated UI actions emerged as an important tool for this research. However, existing largely developed analysis-specific automation techniques, wherein logic exploring is intertwined with analyzing properties. PUMA a programmable framework that separates these...

Optimizing the energy efficiency of mobile applications can greatly increase user satisfaction. However, developers lack viable techniques for estimating consumption their applications. This paper proposes a new approach that is both lightweight in terms its developer requirements and provides fine-grained estimates at code level. It achieves this using novel combination program analysis per-instruction modeling. In evaluation, our able to estimate within 10% ground truth set from Google...

SQL injection attacks pose a serious threat to the security of Web applications because they can give attackers unrestricted access databases that contain sensitive information. In this paper, we propose new, highly automated approach for protecting existing against injection. Our has both conceptual and practical advantages over most techniques. From standpoint, is based on novel idea positive tainting concept syntax-aware evaluation. our technique at same time precise efficient minimal...

Many software systems have evolved to include a web-based component that makes them available the public via Internet and can expose variety of attacks. One these attacks is SQL injection, which give attackers unrestricted access databases underlying web applications has become increasingly frequent serious. This paper presents new, highly automated approach for protecting against injection both conceptual practical advantages over most existing techniques. From standpoint, based on novel...

The popularity of mobile apps continues to grow as developers take advantage the sensors and data available on devices. However, increased functionality comes with a higher energy cost, which can cause problem for users battery constrained To improve consumption apps, need detailed information about their applications. Existing techniques have drawbacks that limit usefulness or provide at too high level granularity, such components methods. Our approach is able calculate source line...

Optimizing the energy efficiency of mobile applications can greatly increase user satisfaction. However, developers lack viable techniques for estimating consumption their applications. This paper proposes a new approach that is both lightweight in terms its developer requirements and provides fine-grained estimates at code level. It achieves this using novel combination program analysis per-instruction modeling. In evaluation, our able to estimate within 10% ground truth set from Google...

Energy is a critical resource for smartphones. However, developers who create apps these platforms lack quantitative and objective information about the behavior of with respect to energy consumption. In this paper, we describe results our source-line level consumption study 405 real-world market applications. Based on study, discover several interesting observations. For example, find average spend 61% their in idle states, network most consuming component, only few APIs dominate non-idle...

Developing energy efficient mobile applications is an impor- tant goal for software developers as usage can di- rectly affect the usability of a device. Unfortunately, lack guidance to how improve efficiency their implementation and which practices are most useful. In this paper we conducted small-scale em- pirical evaluation commonly suggested energy-saving performance-enhancing coding practices. evaluated degree these were able save compared unoptimized code coun- terparts. Our results...

A smartphone's display is one of its most energy consuming components. Modern smartphones use OLED displays that consume more when displaying light colors as op- posed to dark colors. This problematic many popular mobile web applications large colored backgrounds. To address this problem we developed an approach for auto- matically rewriting so they generate efficient pages. Our based on program analysis the structure application im- plementation. In evaluation our show it can achieve a 40%...

Energy is a critical resource for apps that run on mobile devices. Among all operations, making HTTP requests one of the most energy consuming. Previous studies have shown bundling smaller into single larger request can be an effective way to improve efficiency network communication, but not defined automated detect when bundled nor transform do this bundling. In paper we propose approach reduce consumption in Android by automatically detecting and then multiple requests. Our first detects...

The free app distribution model has been extremely popular with end users and developers. Developers use mobile ads to generate revenue cover the cost of developing these apps. Although apps are ostensibly free, they in fact do come hidden costs. Our study 21 real world Android shows that leads consume significantly more network data, have increased energy consumption, require repeated changes ad related code. We also found complaints about costs significant can impact ratings given an app....

The large demand of mobile devices creates significant concerns about the quality applications (apps). Developers heavily rely on bug reports in issue tracking systems to reproduce failures (e.g., crashes). However, process crash reproduction is often manually done by developers, making resolution bugs inefficient, especially that are written natural language. To improve productivity developers resolving reports, this paper, we introduce a novel approach, called ReCDroid, can automatically...

Our dependence on web applications has steadily increased, and we continue to integrate them into our everyday routine activities. When are making reservations, paying bills, shopping on-line, expect these be secure reliable. However, as the availability of services there been a corresponding increase in number sophistication attacks that target them. One most serious types attack against is SQL injection. injection class code-injection which user input included query such way part treated...

AMNESIA is a tool that detects and prevents SQL injection attacks by combining static analysis runtime monitoring. Empirical evaluation has shown both effective efficient against injection.

With the growing complexity of web applications, identifying interfaces that can be used for testing such applications has become increasingly challenging. Many techniques work effectively when applied to simple are insufficient on modern, dynamic and may ultimately result in inadequate applications' functionality. To address this issue, we present a technique automatically discovering application based novel static analysis algorithm. We also report results an empirical evaluation which...

As web applications become more widespread, sophisticated, and complex, automated quality assurance techniques for such have grown in importance. Accurate interface identification is fundamental many of these techniques, as the components a application communicate extensively via implicitly-defined interfaces to generate customized dynamic content. However, current identifying can be incomplete or imprecise, which hinders effectiveness techniques. To address limitations, we present new...

Optimizing the energy efficiency of mobile applications can greatly increase user satisfaction. However, developers lack easily applied tools for estimating consumption their applications. This paper proposes a new approach, eCalc, that is lightweight in terms its developer requirements and provides code-level estimates consumption. The approach achieves this using estimation techniques based on program analysis application. In evaluation, eCalc able to estimate within 9.5% ground truth set...

An attractive and visually appealing appearance is important for the success of a website. Presentation failures in site''s web pages can negatively impact end users'' perception quality site services it delivers. Debugging such challenging because testers must inspect large analyze complex interactions among HTML elements page. In this paper we propose novel automated approach debugging page user interfaces. Our uses computer vision techniques to detect then identify that are likely be...

Abstract Software piracy is an important concern for application developers. Such concerns are especially relevant in mobile development, where rates can be greater than 90%. The most common approach used by developers to prevent code obfuscation. However, the decision apply such transformations currently made without regard impacts of obfuscations on another area increasing developers, energy usage. Because both software and battery life concerns, must strike a balance between protecting...

Presentation failures in web applications can negatively affect an application's usability and user experience. To find such failures, testers must visually inspect the output of a application or exhaustively specify invariants to automatically check page's correctness. This makes finding presentation labor intensive error prone. In this paper, we present new automated approach for detecting localizing pages. detect our uses image processing techniques compare page its oracle. Then, localize...

Energy consumption of mobile apps has become an important consideration as the underlying devices are constrained by battery capacity. Display represents a significant portion app's energy consumption. However, developers lack techniques to identify user interfaces in their for which needs be improved. In this paper, we present technique detecting display hotspots - app whose is greater than optimal. Our leverages power modeling and automated transformation detect these prioritize them...

Optimizing the energy efficiency of mobile applications can greatly increase user satisfaction. However, developers lack easily applied tools for estimating consumption their applications. This paper proposes a new approach, eCalc, that is lightweight in terms its developer requirements and provides code-level estimates consumption. The approach achieves this using estimation techniques based on program analysis application. In evaluation, eCalc able to estimate within 9.5% ground truth set...

Abstract Penetration testing is widely used to help ensure the security of web applications. Using penetration testing, testers discover vulnerabilities by simulating attacks on a target application. To do this efficiently, rely automated techniques that gather input vector information about application and analyze application's responses determine whether an attack was successful. Techniques for performing these steps are often incomplete, which can leave parts untested undiscovered. This...