Digital imaging and communications in medicine (DICOM) 3.0 standard provides the baseline for the picture archiving and communication systems (PACS). The development of Internet and various communication media initiat...
详细信息
Digital imaging and communications in medicine (DICOM) 3.0 standard provides the baseline for the picture archiving and communication systems (PACS). The development of Internet and various communication media initiated demand for non-DICOM access to PACS systems. Ever-increasing utilization of the web browsers, laptops and handheld devices, as opposed to desktop applications and static organizational computers, lead to development of different web technologies. The DICOM standard officials accepted those subsequently as tools of alternative access. This paper provides an overview of the current state of development of the web access technology to the DICOM repositories. It presents a different approach of using HTML5 features of the web browsers through the javascript language and the WebSocket protocol by enabling real-time communication with DICOM repositories. javascript DICOM network library, DICOM to WebSocket proxy and a proof-of-concept web application that qualifies as a DICOM 3.0 device were developed.
This thesis introduced a tool CoRec which can provide co-change suggestions when javascript programmers fix a bug. A comprehensive empirical study was carried out on 14,747 multi-entity bug fixes in ten open-source Ja...
详细信息
This thesis introduced a tool CoRec which can provide co-change suggestions when javascript programmers fix a bug. A comprehensive empirical study was carried out on 14,747 multi-entity bug fixes in ten open-source javascript programs. We characterized the relationship between co-changed entities (e.g., functions and variables), and extracted the most popular change patterns, based on which we built a machine learning (ML)-based approach to recommend additional entity to edit given developers’ code changes. Our empirical study shows that: (1) 50% of the crawled commits involve multi-entity edits (i.e., edits that touch multiple entities simultaneously); (2) three change patterns commonly exist in all ten projects; (3) 80-90% of co-changed function pairs in the 3 patterns either invoke the same function(s), access the same variable(s), or contain similar statement(s); and (4) our ML-based approach CoRec recommended entity changes with high accuracy. Our research will improve programmer productivity and software quality.
Websites remain popular targets for Cross-Site Scripting (XSS) attacks. Although the prevalence of XSS attacks is on the rise, many developers do not have the cybersecurity expertise to secure their web applications a...
详细信息
Websites remain popular targets for Cross-Site Scripting (XSS) attacks. Although the prevalence of XSS attacks is on the rise, many developers do not have the cybersecurity expertise to secure their web applications against these attacks. Non-security experts are often unfamiliar with writing and understanding exploit code making it difficult for them do web security tasks such as penetration testing and understanding the malicious intentions of an attacker who is targeting their web application. Automated Exploit Generation (AEG) is one solution for preemptively securing web applications against XSS attacks. Additionally, Natural Language Processing (NLP) can allow non-security experts to utilize natural language to generate exploit code and use exploit code to generate natural language descriptions of an attacker's intentions. This thesis presents HIJaX, a novel Natural Language-to-javascript generator prototype that combines NLP and AEG to do bi-directional English and code translations. This allows HIJaX to generate XSS attack code from English sentences as well as English sentences that explain the intentions of an attack, from XSS attack code. HIJaX provides non-security experts in the Software Development Life Cycle with a tool that allows them to understand and write XSS attacks without needing to have substantial knowledge in the field of cybersecurity. HIJaX utilizes CodeBERT, a state-of-the-art language model created by Microsoft for the purpose of translating between natural language and programming code in real-time. HIJaX trains on the malicious dataset, a curated collection of intent-snippet pairs where the intent is an English description an XSS attack and the snippet is the XSS attack code. This thesis explores different methods for dataset creation, discusses experiments that measure the usability of HIJaX, and presents the results of a user study that examines how non-security experts view HIJaX as a viable option to secure their web applications.
This thesis presents a new compiler from CakeML to javascript with support for almost the entire CakeML language. In addition to the new compiler, a javascript syntax formalization has been defined together with forma...
详细信息
This thesis presents a new compiler from CakeML to javascript with support for almost the entire CakeML language. In addition to the new compiler, a javascript syntax formalization has been defined together with formal semantics for a subset of javascript. The semantics include coverage for language features introduced as part of the ECMAScript 2015 standard. The new compiler, syntax formalization and semantics are implemented in the HOL4 theorem prover to allow for future verification of the new compiler. The new compiler enables CakeML programs to be run in web browsers on both desktop computers and smart phones and other contexts previously not available to CakeML.
As the key technology of Web 2.0, mashup is to access, process various data sources and then create new value-added and highly customizable services. And business logic description language is very important to mashup...
详细信息
ISBN:
(纸本)9781467329644;9781467329637
As the key technology of Web 2.0, mashup is to access, process various data sources and then create new value-added and highly customizable services. And business logic description language is very important to mashup. This paper proposes a solution to create lightweight mashup services based on javascript language. First, mashup architecture based on SOA is generally introduced. Then design and implementation mashup services based on javascript language is discussed in detail, including mashup server framework, javascript Engine to evaluate javascript file, javascript host objects used to access data sources, and deploy of javascript files as Services. In addition, a concrete example of mashup services creation using javascript is given. Finally, performance analyses of this new approach have been conducted to prove it an effective solution.
javascript is the most widely used web language for client-side applications. Whilst the development of javascript was initially just led by implementation, there is now increasing momentum behind the ECMA standardisa...
详细信息
ISBN:
(纸本)9781450325448
javascript is the most widely used web language for client-side applications. Whilst the development of javascript was initially just led by implementation, there is now increasing momentum behind the ECMA standardisation process. The time is ripe for a formal, mechanised specification of javascript, to clarify ambiguities in the ECMA standards, to serve as a trusted reference for high-level language compilation and javascript implementations, and to provide a platform for high-assurance proofs of language properties. We present JSCert, a formalisation of the current ECMA standard in the Coq proof assistant, and JSRef, a reference interpreter for javascript extracted from Coq to OCaml. We give a Coq proof that JSRef is correct with respect to JSCert and assess JSRef using test262, the ECMA conformance test suite. Our methodology ensures that JSCert is a comparatively accurate formulation of the English standard, which will only improve as time goes on. We have demonstrated that modern techniques of mechanised specification can handle the complexity of javascript.
暂无评论