Marek Zachara

Comparison of Text-Similarity Metrics for the Purpose of Identifying Identical Web Pages During Automated Web Application Testing

The paper focuses on the evaluation of effectiveness of a number of algorithms used to assess text similarity. The purpose of such evaluation is to determine the best methods for comparing and identifying near-identical web pages. Such comparison of web pages is in turn a prerequisite for building new automated testing tools and security scanners. The goal is to build scanners that will be able to automatically test the web application behavior for a large range of supplied parameters (known as fuzzing). Such testing requires massive generation and processing of requests, which in turn require fast page comparison methods. The similarity comparison is performed on a shortened, tokenized version of web pages, using a test set of pages downloaded from popular websites. A methodology for the evaluation of similarity metrics is proposed, together with a quality metric for the intended task. Several tokenization strategies are also tested and their impact on the final result is assessed.

Evolutionary Scanner of Web Application Vulnerabilities

With every passing year, there are more and more websites, which often process sensitive and/or valuable information. Due to models like Continuous Development, manual testing and code review are reduced to minimum, with new features implemented and deployed even on the same day. This calls for development of new automated testing methods, especially the ones that will allow for identification of potential security issues. In this article such a new method, which is based on automated web pages comparisons, clustering and grammatical evolution is proposed. This method allows for automated testing of a website and can identify outstanding (unusual) web pages. Such pages can then be further investigated by checking if they are legitimate, contain some unused modules or potential threats to application security. The proposed method can identify such anomalous pages within the set of interlinked web pages, but can also find web pages that are not linked to any other web page on the server by utilizing genetic-based generation of URLs.

Automatic Grammar Induction for Grammar Based Genetic Programming

This paper discusses selected aspects of evolutionary search algorithms guided by grammars, such as Grammar Guided Genetic Programming or Grammatical Evolution. The aim of the paper is to demonstrate that, when the efficiency of the search process in such environment is considered, it is not only the language defined by a grammar that is important, but also the form of the grammar plays a key role. In the most common current approach, the person who sets up the search environment provides the grammar as well. However, as demonstrated in the paper, this may lead to a sub-optimal efficiency of the search process. Because an infinite number of grammars of different forms can exist for a given language, manual construction of the grammar which makes the search process most effective is generally not possible. It seems that a desirable solution would be to have the optimal grammar generated automatically for the provided constrains. This paper presents possible solutions allowing for automatic grammar induction, which makes the search process more effective.

Collective Detection of Potentially Harmful Requests Directed at Web Sites

The number of web-based activities and websites is growing every day. Unfortunately, so is cyber-crime. Every day, new vulnerabilities are reported and the number of automated attacks is constantly rising. Typical signature-based methods rely on expert knowledge and the distribution of updated information to the clients (e.g. anti-virus software) and require more effort to keep the systems up to date. At the same time, they do not protect against the newest (e.g. zero-day) threats. In this article, a new method is proposed, whereas cooperating systems analyze incoming requests, identify potential threats and present them to other peers. Each host can then utilize the findings of the other peers to identify harmful requests, making the whole system of cooperating servers “remember” and share information about the threats.

Agent based simulation of customers behavior for the purpose of price distribution estimation

Price dispersion is an observed variation of price of the same (or similar) product among different vendors. This paper provides a possible explanation of the observed shape of the dispersion, proven by simulations of an agent based client-vendor environment. Proposed models for client and vendor representation are included. It turns out that the observed shape is achieved when some key environmental elements are taken into account; i.e. communication between clients, a limited memory of a client and the cost of crossing the distance between agents. As a benefit of the proposed model, it allows for speculation on how the future commerce may look like - in an Internet world where distances matter little.

Active Protocol Discoverer Based on Grammatical Evolution

The paper presents a proposition of a system of protocol discovering (Protocol Discoverer) developed on the basis of Grammatical Evolution techniques. Unlike numerous other solutions based solely on observing messages between participants of a conversation, our Protocol Discoverer is an active participant which generates messages and sends them to the system for which the protocol is to be identified. This solution allows not only for identifying typical behaviors of participants within a protocol, but also for finding anomalous behaviors (the ones which normally do not occur between participants using a defined protocol).

Simulation-Based Analysis of Wind Farms’ Economic Viability

In the following paper, we propose an utilization of a simulation - based approach for a wind farm viability analysis. The simulation is created in Erlang language, and it takes into account a set of parameters selected on the basis of a bibliographical analysis. A number of simulations were performed with the discussed model and selected results have been presented in this paper. It was found out that the economic viability of wind farms is strongly correlated with a number of external conditions, including the environmental factors, organizational costs and governmental support.

Stereoscopic 3D Graph Visualization for Assisted Data Exploration and Discovery

Data structures and relations are becoming increasingly complex and difficult to assess and manage. Although automated rules and algorithms can be used for many data-mining tasks, there are still situations where human attention and insight is required to identify unexpected circumstances or unanticipated patterns. Presentation of large quantities of data has always been a challenging task. In this paper a method for representing large graph-based data sets is proposed to help users navigate through large clusters of data. The proposed method is based on a stereoscopic 3D visualization with special enhancements for a large multi node graph visualization. The stereoscopic projection allows for utilization of techniques that can draw users’ attention to particular regions of the graph. The method uses specially established node-node relations to calculate attention drawing factor values for each graph node.

Global Financial Crisis and the Decoupling Hypothesis

The purpose of the paper is to assess the decoupling hypothesis which states that the performance of the emerging economies is relatively independent from the changes in developed economies. Christiano-Fitzgerald’s band-pass filter and spectral analysis have been applied to examine the hypothesis. Comparing the deviations of GDPs from their long-term trend, it can be claimed that the synchronization of business cycles between emerging and developed economies was already high before the last global crisis in 2008. The analysis presented in this paper shows that the synchronization (coupling) of the economies actually increased after this time. Therefore, this paper presents evidence against the commonly accepted decoupling hypothesis, and at the same time it raises doubts whether the high rates of growth in emerging economies are sustainable in the presence of the slowdown in the developed economies.

Detecting Unusual User Behaviour to Identify Hijacked Internet Auctions Accounts

For over 15 years auction services have grown rapidly, constituting a major part of e-commerce worldwide. Unfortunately, they also provide opportunities for criminals to distribute illicit goods, launder money or commit other types of fraud. This calls for methods to mitigate this threat. The following paper discusses the methods of identifying the accounts of users participating in internet auctions that have been hijacked (taken over) by malicious individuals and utilised for fraudulent purposes. Two primary methods are described, monitoring users’ activities (e.g. the number of auctions created over time) with EWMA and clustering similar auction categories into groups for the purpose of assessing users’ sellers profiles and detecting their sudden changes. These methods, utilised together allow for real-time detection of suspicious accounts. The proposed models are validated on real data gathered from an auction web site.