Zarina Shukur

A Design of an Assessment System for UML Class Diagram

The Unified Modeling Language (UML) is probably the most widely known and used notation for object- oriented analysis and design. UML consists of various graphical notations, which capture the static system structures (class diagrams), system component behaviors (state transition diagrams) and system component interactions (collaboration and sequence diagrams). UML notations can be produced with the help of CASE (Computer-aided software engineering) tools such as Rational Rose. Basically, we proposed the development of an Assessment system for UML class diagram, the UML Class Diagram Assessor (UCDA). This tool will receive a students UML class diagram in the form of Rational Rose petal files. In this paper we present a design of UML Class Diagram Assessor (UCDA) that evaluates UML class diagrams automatically. UCDA evaluates the diagram based on three aspects: its structure; its correctness and language used. The output of UCDA is a list of comments on a diagram that is hoped to guide students in understanding on how to represent the system requirement in UML model correctly.

An experimental assessment of module documentation-based testing

Context: Testing a module that has memory using the black-box approach has been found to be expensive and relatively ineffective. Instead, testing without knowledge of the specifications (white-box approach) may not be effective in showing whether a program has been properly implemented as stated in its specifications. We propose instead a grey-box approach called Module Documentation-based Testing or MD-Test, the heart of which is an automatic generation of the test oracle from the external and internal views of the module. Objective: This paper presents an empirical analysis and comparison of MD-Test against three existing testing tools. Method: The experiment was conducted using a mutation-testing approach, in two phases that assess the capability of MD-Test in general and its capability of evaluating test results in particular. Results: The results of the general assessment indicate that MD-Test is more effective than the other three tools under comparison, where it is able to detect all faults. The second phase of the experiment, which is significant to this study, compares the capabilities of MD-Test and JUnit-black using the test evaluation results. Likewise, an analysis of the test evaluation results shows that MD-Test is more effective and efficient, where MD-Test is able to detect at least the same number of faults as, or is at par with, the black-box approach. Conclusion: It is concluded that test evaluation using grey-box approach is more effective and efficient that the black-box approach when testing a module that has memory.

DETECTING ABNORMAL BEHAVIOR IN SOCIAL NETWORK WEBSITES BY USING A PROCESS MINING TECHNIQUE

Detecting abnormal user activity in social network websites could prevent from cyber-crime occurrence. The previous research focused on data mining while this research is based on user behavior process. In this study, the first step is defining a normal user beh avioral pattern and the second step is detecting ab normal behavior. These two steps are applied on a case stu dy that includes real and syntactic data sets to ob tain more tangible results. The chosen technique used to define the pattern is process mining, which is an affordable, complete and noise-free event log. The proposed model discovers a normal behavior by genetic process mining technique and abnormal activities ar e detected by the fitness function, which is based on Petri Net rules. Although applying genetic mining is time consuming process, it can overcome the risk s of noisy data and produces a comprehensive normal model in Petri net representation form.

Using Animation in Active Learning Tool to Detect Possible Attacks in Cryptographic Protocols

Interactive Visualization tools for active learning of generic cryptographic protocols are very few. Although these tools provide the possibility to engage the learner by asking him to describe a cryptographic protocol using a simple visual metaphor to represent the abstraction of the concepts being visualized, the problem is that some cryptographic operations are not visualized or animated and hidden from the learners perspective such as encryption/decryption actions. Other operations are not supported by these tools such as timestamp and freshness. So, its difficult to cover all possible attack that the intruder might employ with such operations are missing. The purpose of this research is to provide an interactive visualization tool for teaching undergraduate students security protocols concepts especially key distribution, multiple operations such as encryption/decryption and signed/unsigned operations, and possible protocol attacks. By designing a high quality graphical user interface and simple visual metaphor, learners will be able to specify the protocols and consider the possible attack at each step of protocol demonstration.

The automatic assessment of formal specification coursework

THE PURPOSE OF THIS PAPER is to describe a system that is able to grade the quality of a formal specification written in the Z language. It is intended to assess the quality of specifications written by students as coursework for a course in formal specification. The quality is measured by considering two factors: correctness and maintainability.There are two stages in measuring the correctness of a specification. First, the syntax and semantics of the specification must be checked. Second, the level to which the specification satisfies the customer requirements must be determined. In this paper, we animate the specification against various test states of the system. Marks for animation are produced according to the extent to which the specification fulfills the customer requirements.Specification maintainability is divided into two categories. First the typographic arrangement metric derived from the specification will be compared against a range of absolute values. Second, the complexity metrics derived from the specification will be compared against those for a model specification.The performance of the system (on introductory exercises) has been compared with a human marker. The result shows that (at this introductory level) the system and a human marker broadly agreed on the marks given.

Proposed features of an online examination interface design and its optimal values

User Interface Design is an essential part of any software application. Accordingly, online examination is an equally important system within eLearning. Consequently, online examination design features are a significant factor in enhancing exam efficiency as well as convenience for examinees. Nine main design features are generally applied in the online exam, namely font (i.e., type, size, colour, and style), background colour, sound alert, questions group, time counters, and number of questions per page. The values of these features are closely related to user characteristics, whether relating to the physical, cognitive, psychomotor, demographics or experience. Our experiment was conducted on 119 students to identify the commonly preferred online examination design. The results show that the students had variations in their choice of online exam interface design, where students preferred to group questions by Topic and then by Type. The most popular font type was Arial with a size of 14 or 12 and using regular font style. Moreover, white background and black text were the most preferred. Most of the students selected 5 and 3 questions/page respectively. Countdown Timer was the most preferred time counter. Regarding sound alert, the 15 and 5min remains were the most selected by students.

Awareness Training Transfer and Information Security Content Development for Healthcare Industry

Electronic Health Record (EHR) becomes increasingly pervasive and the need to safeguard EHR becomes more vital for healthcare organizations. Human error is known as the biggest threat to information security in Electronic Health Systems that can be minimized through awareness training programs. There are various techniques available for awareness of information security. However, research is scant regarding effective information security awareness delivery methods. It is essential that effective awareness training delivery method is selected, designed, and executed to ensure the appropriate protection of organizational assets. This study adapts Holton’s transfer of training model to develop a framework for effective information security awareness training program. The framework provides guidelines for organizations to select an effective delivery method based on the organizations’ needs and success factor, and to create information security content from a selected healthcare’s internal information security policy and related international standards. Organizations should make continual efforts to ensure that content of policy is effectively communicated to the employees.

Design pattern mining using distributed learning automata and DNA sequence alignment

Context Over the last decade, design patterns have been used extensively to generate reusable solutions to frequently encountered problems in software engineering and object oriented programming. A design pattern is a repeatable software design solution that provides a template for solving various instances of a general problem. Objective This paper describes a new method for pattern mining, isolating design patterns and relationship between them; and a related tool, DLA-DNA for all implemented pattern and all projects used for evaluation. DLA-DNA achieves acceptable precision and recall instead of other evaluated tools based on distributed learning automata (DLA) and deoxyribonucleic acid (DNA) sequences alignment. Method The proposed method mines structural design patterns in the object oriented source code and extracts the strong and weak relationships between them, enabling analyzers and programmers to determine the dependency rate of each object, component, and other section of the code for parameter passing and modular programming. The proposed model can detect design patterns better that available other tools those are Pinot, PTIDEJ and DPJF; and the strengths of their relationships. Results The result demonstrate that whenever the source code is build standard and non-standard, based on the design patterns, then the result of the proposed method is near to DPJF and better that Pinot and PTIDEJ. The proposed model is tested on the several source codes and is compared with other related models and available tools those the results show the precision and recall of the proposed method, averagely 20% and 9.6% are more than Pinot, 27% and 31% are more than PTIDEJ and 3.3% and 2% are more than DPJF respectively. Conclusion The primary idea of the proposed method is organized in two following steps: the first step, elemental design patterns are identified, while at the second step, is composed to recognize actual design patterns.

Approaches to develop oracle for detecting deception in online chatting software

In this paper we will discuss several approaches that can be used to develop an oracle in chatting software. This oracle is meant to give early warning to the chatting software user about their chatting partner based on their communication. The approaches include expert rule, data mining, ontology as well as simple text processing. Even though the issue of privacy and free-information in cyber world is unavoidable, we believe that choices must be given so that stack holder such as parents can choose to have save environment for their children.

Features of a visualization tool for specification and analysis of security protocol

Visualization tools can be an effective and entertaining means to teach students concepts in the class room. Providing accessibility to the tools allows motivated students to interact “live” with visualizations. Security protocols are an important concept in teaching information and network security. Students need to understand both the sequence of passed information, computations and analysis. In this paper, we propose an animated interactive visualization tool for teaching undergraduate students security protocols (design and analysis of authentication protocols). The student can play the animation to see the protocol in action. They can also realize and define the protocol problems by using an interactive (animation) analyzer, included within the tool, to determine the exact invalid section of the running protocol.