submit CrossRef Open Access Subscribe New Journal Ideal

Click on image to enlarge

Indexed in the SCIE (2018 Impact Factor 0.854), and in Scopus

Journal of Web Engineering

Martin Gaedke, Chemnitz University of Technology, Germany
Geert-Jan Houben, Delft University of Technology, The Netherlands
Flavius Frasincar, Erasmus University Rotterdam, The Netherlands
Florian Daniel, Politecnico di Milano, Italy

ISSN: 1540-9589 (Print Version),

ISSN: 1544-5976 (Online Version)
Vol: 18   Issue: 7

Published In:   November 2019

Publication Frequency: 8 issues per year

Search Available Volume and Issue for Journal of Web Engineering

Journal Description        Read Full Articles        Editorial Board        Subscription        Indexed

Towards Improving Productivity in NMap Security Audits

Jose Manuel Redondo1 and Daniel Cuesta2

1Computational Reflection Research Group, Department of Computer Science, University of Oviedo, Science Faculty, Office 240, C/Federico Garcia Lorca S/N, 33007, Oviedo, Spain
2Computer Network Attack (CNA), S2Grupo, Valencia, Spain

Abstract: [+]    |    Download File [ 3462KB ]    |   Read Article Online

Abstract: Maintaining an adequate security level in computer infrastructures, like Internet-facing web servers, requires periodic assessment of their vulnerabilities with specialized security tools. nmap is arguably the most popular one, due to its versatility, powerful features, and low resource usage. However, this versatility can turn its usage difficult and error-prone, as it implements a lot of features and reports errors at runtime. This can lead to suboptimal results while designing auditing tasks. This research aims to decrease this complexity by developing a web GUI that favors experimentation, on-demand scans, and provides solutions to several shortcomings detected in the official one. We complemented it with a Domain Specific Language that implements early detection and reporting of syntax, type, and semantic errors when creating audit tasks. Both expand nmap possibilities, creating robust, schedulable, distributable, and portable auditing tasks able to find anomalies analyzing their output. Our initial release shows that the web GUI has been well received by several security related media and professionals. The language can detect and report a wide range of potential errors, substantially increasing the robustness of the created tasks. Therefore, Domain Specific Languages with early detection of type errors turned to be suitable to lower the complexity and expand the usage possibilities of complex tools like nmap.

Keywords: nmap, web GUI, advanced features, productivity, Domain Specific Language, static type checking.

Discovery and Analysis About the Evolution of Service Composition Patterns

Zhenfeng Gao1,2, Yushun Fan3, Xiu Li1, Liang Gu2, Cheng Wu3 and Jia Zhang4

1Graduate School at Shenzhen, Tsinghua University, Shenzhen, China
2Sangfor Technologies Inc., Shenzhen, China
3Tsinghua National Laboratory for Information Science and Technology, Beijing, China
4Department of Electrical and Computer Engineering, Carnegie Mellon University, Silicon Valley, California, USA

Abstract: [+]    |    Download File [ 1208KB ]    |   Read Article Online

Abstract: Service ecosystems, consisting of various kinds of services and mashups, usually keep evolving over time. Existing works on the evolution of service ecosystems focus on either evaluating the impacts of single services’ changes on the usage of services and the stability of the whole ecosystem, or discovering co-occurrence relationship between services, but fail to disclose any knowledge from the aspect of the evolution of service composition patterns. Based on our previous work, this paper moves one step further, revealing the latent service composition trends in a service ecosystem and providing more distinct explanation of different topic evolution patterns. A novel methodology, named Extended Dependency-Compensated Service Co-occurrence LDA (EDC-SeCo-LDA), is developed to calculate the directed dependencies between different topics and build topic evolution graph. The evolution trend of service composition could be disclosed by the graph intuitively. What’s more, EDC-SeCo-LDA proposes five different ways to adopt dependency compensation to improve the performance when making service recommendation. Experiments on show that EDC-SeCo-LDA can reveal significant topic dependencies, and recommend service composition more effectively, i.e., 6% better in terms of Mean Average Precision compared with baseline approaches.

Keywords: Topic evolution graph, service composition recommendation, topic model.

Ontology-Driven News Classification with Aethalides

Wouter Rijvordt, Frederik Hogenboom and Flavius Frasincar

Econometric Institute, Erasmus School of Economics, Erasmus University Rotterdam, Rotterdam, the Netherlands

Abstract: [+]    |    Download File [ 812KB ]    |   Read Article Online

Abstract: The ever-increasing amount of Web information offered to news readers (e.g., news analysts) stimulates the need for news selection, so that informed decisions can be made with up-to-date knowledge. Hermes is an ontologybased framework for building news personalization services. It uses an ontology crafted from available news sources, allowing users to select and filter interesting concepts from a domain ontology. The Aethalides framework enhances the Hermes framework by enabling news classification through lexicographic and semantic properties. For this, Aethalides applies word sense disambiguation and ontology learning methods to news items. When tested on a set of news items on finance and politics, the Aethalides implementation yields a precision and recall of 74.4% and 49.4%, respectively, yielding an F0:5-measure of 67.6% when valuing precision more than recall.

Keywords: News personalization, word sense disambiguation, ontology learning, semantic web.

Model Driven Development of Gamified Applications

Piero Fraternali and Sergio Luis Herrera Gonzalez

Dipartimento di Elettronica, Informazione e Bioingegneria, Politecnico di Milano, Piazza Leonardo da Vinci 32, Milan, 20133, Italy

Abstract: [+]    |    Download File [ 2297KB ]    |   Read Article Online

Abstract: Gamification is defined as the injection of game elements in applications with non-gaming purposes. This technique has shown outstanding results in promoting the engagement and activity on communities of users, in both business and non-for-profits fields. Often, gamification features are added late in the application life-cycle and must be weaved into the existing functions. In this paper, we present a model-driven approach to the design of gamified applications, which accelerates the introduction of gamification elements in pre-existing or new applications. The approach relies on a data model of gamification features and on design patterns for the front-end, which encode the essential elements of gamification in a platform independent way.

Keywords: Model Driven Engineering, gamification, rapid prototyping, code generation, IFML.

Privacy-Preserving Reengineering of Model-View-Controller Application Architectures Using Linked Data

Juan Manuel Dodero, Mercedes Rodriguez-Garcia, Iván Ruiz-Rube and Manuel Palomo-Duarte

School of Engineering, University of Cadiz, Av. de la Universidad 10, 11519 Puerto Real, Cádiz, Spain

Abstract: [+]    |    Download File [ 974KB ]    |   Read Article Online

Abstract: When a legacy system’s software architecture cannot be redesigned, implementing additional privacy requirements is often complex, unreliable and costly to maintain. This paper presents a privacy-by-design approach to reengineer web applications as linked data-enabled and implement access control and privacy preservation properties. The method is based on the knowledge of the application architecture, which for the Web of data is commonly designed on the basis of a model-view-controller pattern. Whereas wrapping techniques commonly used to link data of web applications duplicate the security source code, the new approach allows for the controlled disclosure of an application’s data, while preserving non-functional properties such as privacy preservation. The solution has been implemented and compared with existing linked data frameworks in terms of reliability, maintainability and complexity.

Keywords: Privacy by design, Web of data, Software architecture, Model- View-Controller.

River Publishers: Journal of Web Engineering