Your search

Given the popularity of PHP frameworks used in developing webbased applications, a comparative study is conducted to determine which framework is best suited for incorporation into the curriculum of an undergraduate software engineering course that uses project-based learning. The top six PHP frameworks (Zend, Yii, CakePHP, CodeIgniter, PRADO, and Symphony) were initially considered and then narrowed down to two (CakePHP and CodeIgniter) based on their alignment with common functionality in previous class projects, framework complexity for those new to frameworks (learning curve), and developer friendliness (availability of documentation and online resources). An in-depth comparative study is conducted by developing a functionally-equivalent web application using each of the two frameworks as well as plain PHP (no framework). This work was motivated by the difficulties that were encountered in an evolving, content-rich software engineering course and discusses the educational changes that were made to align student learning with sound software engineering principles and current software development practices used in the computing industry. Copyright © 2013 ACM.

This paper provides a description of how the topic of Google hacking was incorporated into a graduate course on web security which was offered in the Fall of 2005. It begins by providing an overview of Google hacking and describes what it is, how it is used, and most importantly how to defend against it. The paper then describes a series of exercises that students must complete providing them with hands-on Google hacking strategies, techniques and countermeasures. Copyright 2007 ACM.

A view of interactions in the undergraduate classroom is presented from several perspectives. Topics discussed include class perceptions of teacher as facilitator/authority/leader, grades versus performance appraisals, mixed-gender interactions, and subtle forms of cultural variations.

This preliminary investigation considers undergraduate student perceptions with respect to their professional future. `No one warned me it would be like this,' and `These are the things that college never taught me,' are typical comments that are heard from the young workforce. This paper addresses future plans and predictions of students from two New England institutions of higher learning by utilizing a variety of strategies. Methods to elicit data include in-class activities and carefully designed questionnaires. These exercises have been designed to uncover images and themes concerning transition from college to the workplace. Issues include technical and communication skills, leadership roles, corporate politics, group dynamics, and gender diversity in the workplace.

Poor security practices among smartphone users, such as the use of simple, easily guessed passcodes for logins, are a result of the effort required to memorize stronger ones. In this paper, we devise a concept of “open code” biometric tap pad to authenticate smartphone users, which eliminates the need of memorizing secret codes. A biometric tap pad consists of a grid of buttons each labeled with a unique digit. The user attempting to log into the phone will tap these buttons in a given sequence. He/she will not memorize this tap sequence. Instead, the sequence will be displayed on the screen. The focus here is how the user types the sequence. This typing behavior is used for authentication. An open code biometric tap pad has several advantages, such as (1) users do not need to memorize passcodes, (2) manufacturers do not need to include extra sensors, and (3) onlookers have no chance to practice shoulder-surfing. We designed three tap pads and incorporated them into an Android app. We evaluated the performance of these tap pads by experimenting with three sequence styles and five different fingers: two thumbs, two index fingers, and the “usual” finger. We collected data from 33 participants over two weeks. We tested three machine learning algorithms: Support Vector Machine, Artificial Neural Network, and Random Forest. Experimental results show significant promise of open code biometric tap pads as a solution to the problem of weak smartphone security practices used by a large segment of the population.

As more people rely on smartphones to store sensitive information, the need for robust security measures is all the more pressing. Because traditional one shot authentication methods like PINs and passwords are vulnerable to various attacks, we present a behavioral biometrics based smartphone authentication system using swipes. While previous research focused on a single kind of swipe, our data set features swipes using different fingers and directions collected from 36 users across three sessions. In our system, we experimented with support vector machine (SVM) and random forest (RF) classifiers. We investigated which finger, direction, and classifier provided the best individual swipe authentication results. Then, we analyzed whether fusion of different fingers and directions improved results. The best unimodal result came from a rightward swipe with right thumb using SVM, which resulted in an area under ROC curve (AUC) of 0.936 and an equal error rate (EER) of 0.135. We found that swipes using thumbs offered better performance. Fusion improves results for the most part, and our best result was the combination of a leftward swipe with right thumb and a leftward swipe with left thumb. This combination gave an AUC of 0.969 and EER of 0.081 with the SVM classifier.

In this paper, we develop a new point-of-entry security measure for smartphone users. We devise a concept, the “Quad Swipe Pattern”, which includes four swipes from a user in four directions and utilizes the user’s swipe behavior for authentication. The Quad Swipe Pattern overcomes several shortcomings present in current point-of-entry security measures. We performed several experiments to demonstrate the effectiveness of the Quad Swipe Pattern in smartphone user authentication. We evaluated the Quad Swipe Pattern using five machine learning classifiers, three datasets of different sizes, and five different fingers. In addition, we studied how fusion of information from multiple fingers and multiple classifiers can improve the performance of Quad Swipe Pattern. All of our experimental results show significant promise of the Quad Swipe Pattern as a new point-of-entry security measure for smartphones. With a Neural Network model, the Quad Swipe Pattern achieves the Accuracy of 99.7%, False Acceptance Rate of 0.4%, and False Rejection Rate of 0%. With Support Vector Machine, the Quad Swipe Pattern achieves the Accuracy of 99.5%, False Acceptance Rate of 0.4%, and False Rejection Rate of 1.7%. With fusion of two best fingers, the Quad Swipe Pattern demonstrates an excellent performance of a zero Equal Error Rate.

This paper focuses on how zoom touchscreen gestures can be used to continuously authenticate and identify smartphone users. The zoom gesture is critically under-researched as a behavioral biometric despite richness of data found in this gesture. Furthermore, analysing how the zoom gesture performs over time is a novel line of inquiry. Zoom samples from three different data collection sessions were sourced. In these sessions, each participant zoomed in and out on three images. Eighty-five features were extracted from each gesture. The classification models used were Support Vector Machine (SVM), Random Forest (RF), and K-nearest Neighbor (KNN). The best authentication performance of AUC 0.937 and EER 10.6% were achieved using the SVM classifier. The best identification performance of 65.5% accuracy, 69.6% precision, and 67.9% recall were achieved using the RF classifier. In terms of stability over time, SVM proved to be the most stable classifier, with an AUC degradation of only 0.007 after two weeks had elapsed. This analysis proves that zoom gestures demonstrate promise for use in continuous smartphone authentication and identification applications. © 2021 Elsevier Ltd