Kai Qian

A Static Analysis Framework For Detecting SQL Injection Vulnerabilities

Recently SQL injection attack (SIA) has become a major threat to Web applications. Via carefully crafted user input, attackers can expose or manipulate the back-end database of a Web application. This paper proposes the construction and outlines the design of a static analysis framework (called SAFELI) for identifying SIA vulnerabilities at compile time. SAFELI statically inspects MSIL bytecode of an ASP.NET Web application, using symbolic execution. At each hotspot that submits SQL query, a hybrid constraint solver is used to find out the corresponding user input that could lead to breach of information security. Once completed, SAFELI has the future potential to discover more delicate SQL injection attacks than black-box Web security inspection tools.

Green Computing Methodology for Next Generation Computing Scientists

Green computing has been an active research area which studies an efficient use of computing resources. It is a growing import subject that creates an urgent need to train next generation computer scientists or practitioners to think “green.” However, green computing has not yet been well taught in computer science (CS) or computer engineering programs (CE) programs, partly due to the lack of rooms to add a new course to those programs. Presented in this paper is an effort to reform core concepts of CS/CE to inculcate green computing in subjects such as algorithms, and operating systems.

Automated Detection and Analysis for Android Ransomware

Along with the rapid growth of new science and technology, the functions of smartphones become more and more powerful. Nevertheless, everything has two aspects. Smartphones bring so much convenience for people and also bring the security risks at the same time. Malicious application has become a big threat to the mobile security. Thus, an efficiency security analysis and detection method is important and necessary. Due to attacking of malicious application, user could not use smartphone normally and personal information could be stolen. What is worse, attacking proliferation will impact the healthy growth of the mobile Internet industry. To limit the growing speed of malicious application, the first thing we need to know what malicious application is and how to deal with. Detecting and analyzing their behaviors helps us deeply understand the attacking principle such that we can take effective countermeasures against malicious application. This article describes the basic Android component and manifest, the reason that Android is prevalent and why attacking came in. This paper analyzed and penetrated malicious ransom ware which threats mobile security now with our developed automated analysis approach for such mobile malware detection.

Binary image processing by polynomial approach

Abstract In this paper we describe a polynomial environment for binary image processing. A data structure in the form of a quadtree is proposed. We develop algebraic operators to do contour determination, approximation and thinning.

The automated web application testing (AWAT) system

In this paper we propose an Automated Web application Testing (AWAT) system which can be used by instructors to effectively evaluate student web programming projects automatically based on the test cases specified on Excel. The AWAT is driven by WATIR and simulates the actions of human testers to extract information from Web pages, and verify expected outcome based on the test case specification. The system is unique in its ability to interact with web GUI and its portability to work with any client side or server side web application on any platforms. The preliminary experiments have been conducted and We found that the system can provide fairness to the grading of large scaled student projects and can greatly help elevate faculty productivity.

Determining holes and connectivity in binary images

Abstract We develop an algorithm to (a) determine the contours of an object in a binary image, (b) decide if a contour is inner or outer, and (c) find the unique outer contour surrounding each inner contour. An inner contour, if any, corresponds to a hole in the object and each outer contour corresponds to a connected component. Thus, the algorithm determines all the connected components and holes of the given object. The algorithm is based on operations from Mathematical Morphology and the representation of images by polynomials in two variables. The morphological operations of dilation and erosion are carried out conveniently in terms of the polynomial representation; these involve polynomial multiplications. Significant speedup is possible if the Fast Fourier Transform technique is used to compute the polynomial products involved in the operations.

A template polynomial approach for image processing and visual recognition

Abstract A polynomial approach to the representation of gray images for machine vision is described. An algebraic system is developed where a polynomial in two variables with real coefficients represents a gray image and it is shown that most of the standard image processing tasks like smoothing, edge detection, rotation and magnification can be done by operating certain polynomials called template polynomials. This method is also applied to connected component labelling, shape decomposition, template matching, and the skeletonization of a gray image without a priori thresholding. A technique is developed to decompose a template and do parallel processing.

Race condition in Ajax-based web application

The atomicity is an important issue in asynchronous based data communication. In the modern web application today, asynchronous introduces hazardous effect causing unexpected results. This paper discusses the race condition occurred between the user request and server response due to the asynchronous nature of the web application using Ajax. A race condition occurs when multiple threads in a process try to modify the critical section data at the same time. The data will depend on which thread arrived last. Concurrent requests will be running asynchronously and it is impossible to predict which will return first. The locking mechanism is not a very effective way but may avoid race condition. Our future project develops a more effective way to detect the race conditions while parsing.

An algebraic approach for morphological operations on 2D and 3D images

Abstract This paper describes an algebraic approach to morphological operations on 2D and 3D images. For 2D images, a matching algorithm based on mathematical morphology is given. For 3D images represented by voxels, algorithms are developed for the shape decomposition and thinning. The possible advantages of the algebraic approach are indicated by showing that a considerable speedup takes place (for large-sized templates) if the Fast Fourier Transform (FFT) is used to compute the convolutions.

Gray image skeletonization with hollow preprocessing using distance transformation

This paper presents a gray-scale skeletonization algorithm based on the gray weighted distance transformation (GWDT). The proposed algorithm is conceptually simple and could be used to process nonuniformly distributed gray-scale images. The algorithm can detect the hollows on the gray-scale image, a feature that is often ignored in other skeletonization algorithms, and improves the quality of the skeleton.