Abstract: Web-based vulnerabilities represent a substantial portion of the security exposures of computer networks. In order to detect known web-based attacks, misuse detection systems are equipped with a large number of signatures. Unfortunately, it is difficult to keep up with the daily disclosure of web-related vulnerabilities, and, in addition, vulnerabilities may be introduced by installation-specific web-based applications. Therefore, misuse detection systems should be complemented with anomaly detection systems. This paper presents an intrusion detection system that uses a number of different anomaly detection techniques to detect attacks against web servers and web-based applications. The system correlates the server-side programs referenced by client queries with the parameters contained in these queries. The application-specific characteristics of the parameters allow the system to perform focused analysis and produce a reduced number of false positives. The system derives automatically the parameter profiles associated with web applications (e.g., length and structure of parameters) from the analyzed data. Therefore, it can be deployed in very different application environments without having to perform time-consuming tuning and configuration.

Abstract: The purpose of this study was to explore students' information searching strategies in Web-based science learning activities and further examine the influence of students' Internet self-efficacy on these strategies. Eight subjects were randomly selected from a pool of 73 college freshmen based on mixed genders and Internet self-efficacy levels. In-depth case studies and comparisons were used to analyse subjects' Web-based searching and learning achievement, online searching strategies and the role of Internet self-efficacy. The results showed evidence that high Internet self-efficacy students had better information searching strategies and learned better than those with low Internet self-efficacy in a Web-based learning task. This study further proposed a framework for analysing Web-based searching strategies. This study also reflected the importance of explicitly helping students acquire better metacognitive Web searching strategies.

Abstract: According to the invention, application developers separate their Web application into two layers: a highly distributed edge layer and a centralized origin layer. In a representative embodiment, the edge layer supports a servlet container that executes a Web tier (304), typically the presentation layer of a given Java-based application. Where necessary, the edge layer communicates with code running on an origin server to respond to a given request.

Abstract: A new web content structure based on visual representation is proposed in this paper. Many web applications such as information retrieval, information extraction and automatic page adaptation can benefit from this structure. This paper presents an automatic top-down, tag-tree independent approach to detect web content structure. It simulates how a user understands web layout structure based on his visual perception. Comparing to other existing techniques, our approach is independent to underlying documentation representation such as HTML and works well even when the HTML structure is far different from layout structure. Experiments show satisfactory results.

Abstract: As a large and complex application platform, the World Wide Web is capable of delivering a broad range of sophisticated applications. However, many Web applications go through rapid development phases with extremely short turnaround time, making it difficult to eliminate vulnerabilities. Here we analyze the design of Web application security assessment mechanisms in order to identify poor coding practices that render Web applications vulnerable to attacks such as SQL injection and cross-site scripting. We describe the use of a number of software-testing techniques (including dynamic analysis, black-box testing, fault injection, and behavior monitoring), and suggest mechanisms for applying these techniques to Web applications. Real-world situations are used to test a tool we named the Web Application Vulnerability and Error Scanner (WAVES, an open-source project available at http://waves.sourceforge.net) and to compare it with other tools. Our results show that WAVES is a feasible platform for assessing Web application security.

Abstract: We describe a simple software tool, ‘matrix2png’, for creating color images of matrix data. Originally designed with the display of microarray data sets in mind, it is a general tool that can be used to make simple visualizations of matrices for use in figures, web pages, slide presentations and the like. It can also be used to generate images ‘on the fly’ in web applications. Both continuous-valued and discrete-valued (categorical) data sets can be displayed. Many options are available to the user, including the colors used, the display of row and column labels, and scale bars. In this note we describe some of matrix2png’s features and describe some places it has been useful in the authors’ work. Availability: A simple web interface is available, and Unix binaries are available from http://microarray.cpmc. columbia.edu/matrix2png. Source code is available on request. Contact: pp175@columbia.edu

Abstract: Newly developed Web-based educational technologies offer researchers unique opportunities to study how students learn and what approaches to learning lead to success. Web-based systems routinely collect vast quantities of data on user patterns, and data mining methods can be applied to these databases. This paper presents an approach to classifying students in order to predict their final grade based on features extracted from logged data in an education Web-based system. We design, implement, and evaluate a series of pattern classifiers and compare their performance on an online course dataset. A combination of multiple classifiers leads to a significant improvement in classification performance. Furthermore, by learning an appropriate weighting of the features used via a genetic algorithm (GA), we further improve prediction accuracy. The GA is demonstrated to successfully improve the accuracy of combined classifier performance, about 10 to 12% when comparing to non-GA classifier. This method may be of considerable usefulness in identifying students at risk early, especially in very large classes, and allow the instructor to provide appropriate advising in a timely manner.

Abstract: Since web workloads are known to vary dynamically with time, in this paper, we argue that dynamic resource allocation techniques are necessary to provide guarantees to web applications running on shared data centers. To address this issue, we use a system architecture that combines online measurements with prediction and resource allocation techniques. To capture the transient behavior of the application workloads, we model a server resource using a time-domain description of a generalized processor sharing (GPS) server. This model relates application resource requirements to their dynamically changing workload characteristics. The parameters of this model are continuously updated using an online monitoring and prediction framework. This framework uses time series analysis techniques to predict expected workload parameters from measured system metrics. We then employ a constrained non-linear optimization technique to dynamically allocate the server resources based on the estimated application requirements. The main advantage of our techniques is that they capture the transient behavior of applications while incorporating nonlinearity in the system model. We evaluate our techniques using simulations with synthetic as well as real-world web workloads. Our results show that these techniques can judiciously allocate system resources, especially under transient overload conditions.

Abstract: Since web workloads are known to vary dynamically with time, in this paper, we argue that dynamic resource allocation techniques are necessary to provide guarantees to web applications running on shared data centers. To address this issue, we use a system architecture that combines online measurements with prediction and resource allocation techniques. To capture the transient behavior of the application workloads, we model a server resource using a time-domain description of a generalized processor sharing (GPS) server. This model relates application resource requirements to their dynamically changing workload characteristics. The parameters of this model are continuously updated using an online monitoring and prediction framework. This framework uses time series analysis techniques to predict expected workload parameters from measured system metrics. We then employ a constrained non-linear optimization technique to dynamically allocate the server resources based on the estimated application requirements. The main advantage of our techniques is that they capture the transient behavior of applications while incorporating nonlinearity in the system model. We evaluate our techniques using simulations with synthetic as well as real-world web workloads. Our results show that these techniques can judiciously allocate system resources, especially under transient overload conditions.

Abstract: A web application development environment and method employs an extensible user interface (XUI) Framework for creating GUI-managing components written in a declarative format for handling GUI components in a web application. The GUI-managing components are coordinated in a view presentation layer by a Controller in an Extended-Model-View-Controller (XMVC) pattern in conjunction with the business logic layer. The Controller is invoked by a user request for a web page and in turn invokes the GUI-managing components to parse information contained in a corresponding web application file for the requested web page in order to determine the templates and sub-templates to be invoked for handling the GUI components. Each template has a mode value which is set by mode information contained in the web application file for the requested web page. The XUI Framework has the ability to handle a rich set of GUI components without having to implement web applications development technologies. Instead, the declarative-formatted GUI components can be created and processed using lightweight technologies for client-side and server-side processing. The XUI Framework allows for the efficient authoring and processing of GUI components for a wide range of web applications.

Abstract: Building an enterprise-scale software system is a complex undertaking. Despite decades of technological advances, the demands imposed by today’s information systems frequently stretch to breaking point a company’s ability to design, construct, and evolve its mission-critical software solutions. In particular, few new systems are designed from the ground up. Rather, a software architect’s task is commonly that of extending the life of an existing solution by describing new business logic that manipulates an existing repository of data, presenting existing data and transactions through new channels such as an Internet browser or handheld devices, integrating previously disconnected systems supporting overlapping business activities, and so on. To assist software developers, commercial software infrastructure products are now available from vendors such as Microsoft and IBM. They form the centerpiece of the approaches to software development they advocate in their .NET and WebSphere product lines, respectively. Both approaches focus on assembly of systems from distributed services [1,2]. However, is there anything new about building enterprise-scale solutions from services? How do the lessons of component-based systems apply to construction of service-based architectures (SOA)? What are the best approaches for building high quality systems for deployment to this new generation of software infrastructure products? These important questions are the topic of this paper.

Abstract: A web service is a web-accessible piece of software or hardware. In recent years, industry has been showing increasing interest in web services as a technology for building distributed web applications. However, web services as a technology lacks in several departments. Representations for describing web services have been widely investigated by industry and academia. Service composition-that is, automated methods for constructing a sequence of web services to achieve a desired result- has been relatively neglected. We present in this paper, a planner that composes atomic/basic services described in DAML-S into a composite service. We discuss issues involved with the design of planners for composition. We also propose a set of guidelines for de- scribing services that facilitates composition.

Abstract: A web-based, knowledge management system for an education system that includes functionality for multi-tier data-gathering, data analysis, and data reporting capabilities that link, integrate, and output data at the student, classroom, school, district, and state governmental levels.

Abstract: Aims. The purpose of the study was to describe Registered Nurses’ experiences when taking a web-based course from either the workplace or home, and the impact of their learning on clinical practice. Rationale. Little is known about the web-based learners’ experience, particularly when courses are accessed from the nursing practice setting. Even less is known about whether nurses transfer their web-based learning to clinical practice. Methods. A qualitative design employing focus group interviews was used. Participants included hospital and community nurses from three Canadian provinces and one territory. Data were collected at three points over a 6-month period and analysed using a thematic analysis process. These findings emanate from a larger study using survey method and focus group interviews. Results. The focus group interviews captured the hurdles nurses faced during the first weeks when they struggled with technology, re-framed their views of teaching and adjusted to web-based learning from home and work. These first stressful weeks were followed by a period during which nurses developed relationships with the teacher and peers that enabled them to focus on learning and prevented attrition. Most nurses reported the web course was convenient and that they would be interested and comfortable using technology for learning and work purposes in the future. Six weeks after the course was completed, nurses articulated a number of ways the course had improved their practice. Conclusion. Initial weeks in a web-based course can be very challenging for novice Internet users, however, most nurses who completed the course reported a positive learning experience. Nurses, employers and educators should evaluate computer skills, computer access and the learning environment when preparing for web-based learning.

Abstract: The majority of web pages served today are generated dynamically, usually by an application server querying a back-end database. To enhance the scalability of dynamic content serving in large sites, application servers are offloaded to front-end nodes, called edge servers. The improvement from such application offloading is marginal, however, if data is still fetched from the origin database system. To further improve scalability and cut response times, data must be effectively cached on such edge servers. The scale of deployment of edge servers and the rising costs of their administration demand that such caches be self-managing and adaptive. In this paper, we describe DBProxy, an edge-of-network semantic data cache for web applications. DBProxy is designed to adapt to changes in the workload in a transparent and graceful fashion by caching a large number of overlapping and dynamically changing “materialized views”. New “views” are added automatically while others may be discarded to save space. Inthis paper, we discuss the challenges of designingandimplementing such a dynamic edge data cache, and describe our proposed solutions.

Abstract: Motivation: Sites with substantive bioinformatics operations are challenged to build data processing and delivery infrastructure that provides reliable access and enables data integration. Locally generated data must be processed and stored such that relationships to external data sources can be presented. Consistency and comparability across data sets requires annotation with controlled vocabularies and, further, metadata standards for data representation. Programmatic access to the processed data should be supported to ensure the maximum possible value is extracted. Confronted with these challenges at the National Cancer Institute Center for Bioinformatics, we decided to develop a robust infrastructure for data management and integration that supports advanced biomedical applications. Results: We have developed an interconnected set of software and services called caCORE. Enterprise Vocabulary Services (EVS) provide controlled vocabulary, dictionary and thesaurus services. The Cancer Data Standards Repository (caDSR) provides a metadata registry for common data elements. Cancer Bioinformatics Infrastructure Objects (caBIO) implements an object-oriented model of the biomedical domain and provides Java, Simple Object Access Protocol and HTTP–XML application programming interfaces. caCORE has been used to develop scientific applications that bring together data from distinct genomic and clinical science sources. Availability: caCORE downloads and web interfaces can be accessed from links on the caCORE web site (http://ncicb.nci.nih.gov/core). caBIO software is distributed under an open source license that permits unrestricted academic and commercial use. Vocabulary and metadata content in the EVS and caDSR, respectively, is similarly unrestricted, and is available through web applications and FTP downloads.

Abstract: A system, method and medium for accessing a text editor, accessing a text tool, and associating text tool data with the text editor. The text editor may invoke the text tool. The text tool data may be stored as HyperText Markup Language, or translated to a displayable format at run time.

Abstract: For the last two decades, configuration systems relying on AI techniques have successfully been applied in industrial environments. These systems support the configuration of complex products and services in shorter time with fewer errors and, therefore, reduce the costs of a mass-customization business model. The European Union-funded project entitled CUSTOMER-ADAPTIVE WEB INTERFACE FOR THE CONFIGURATION OF PRODUCTS AND SERVICES WITH MULTIPLE SUPPLIERS (CAWICOMS) aims at the next generation of web-based configuration applications that cope with two challenges of today's open, networked economy: (1) the support for heterogeneous user groups in an open-market environment and (2) the integration of configurable subproducts provided by specialized suppliers.This article describes the CAWICOMS WORKBENCH for the development of configuration services, offering personalized user interaction as well as distributed configuration of products and services in a supply chain. The developed tools and techniques rely on a harmonized knowledge representation and knowledge-acquisition mechanism, open XML-based protocols, and advanced personalization and distributed reasoning techniques. We exploited the workbench based on the real-world business scenario of distributed configuration of services in the domain of information processing-based virtual private networks.

Abstract: The web-services stack of standards is designed to support the reuse and interoperation of software components on the web. A critical step in the process of developing applications based on web services is service discovery, i.e., the identification of existing web services that can potentially be used in the context of a new web application. UDDI, the standard API for publishing web-services specifications, provides a simple browsing-by-business-category mechanism for developers to review and select published services. To support programmatic service discovery, we have developed a suite of methods that utilizes both the semantics of the identifiers of WSDL descriptions and the structure of their operations, messages and data types to assess the similarity of two WSDL files. Given only a textual description of the desired service, a semantic information-retrieval method can be used to identify and order the most similar service-description files. This step assesses the similarity of the provided description of the desired service with the available services. If a (potentially partial) specification of the desired service behavior is also available, this set of likely candidates can be further refined by a semantic structure-matching step assessing the structural similarity of the desired vs. the retrieved services and the semantic similarity of their identifier. In this paper, we describe and experimentally evaluate our suite of service-similarity assessment methods.

Abstract: A system and method for automatically targeting Web-based advertisements is described. Advertisements are identified relative to a query, wherein identified advertisements describe characteristics relative to at least one of a product and a service. The advertisements are scored according to match between the query and the characteristics of the identified advertisements. At least some of the advertisements are provided as Web-based content.

Abstract: A web based universal printing system that enables printing of documents without having the software application that was used to create the document on a client, or without the client being physically connected to the printer. The client using hypertext transfer protocol connects to a web page, selects a printer and finishing options associated with the selected printer, and then sends a document in its native format to a print server. The print server having the printer driver for the selected printer, converts the document to a print file and then sends the print file to the selected printer for printing. A jobs log database coupled to the print server logs system events and provides accounting capabilities. A job queue manager monitors the printer and print job and can report the status of the printer or the print job to the client.

Abstract: A system provides single sign-on capabilities for accessing a Web application through a passive client across multiple realms within a federation. A federation refers to different organizations or realms that have employed agreements, standards, and/or cooperative technologies to make user identity and entitlements portable between the organizations. Communications are redirected through a client in one realm to obtain a security token that can allow the resource server in the other realm to authenticate the user for access to the Web application.

Abstract: A computing system for performing stateful distributed computing includes a client machine having a Client Runtime Environment (CRE) (224) that is adapted to maintain the state (108) of an application (106) in the client machine (219). The CRE (224) maintains state (108) of the application (106) by first retrieving a first markup document of the application (106), creating and storing a first object oriented representation of information contained in the first markup document. The first object oriented representation defines a first state (108) of the application (106). Next, retrieving a second markup document, creating and storing a second object oriented representation of information contained in the second markup document. Finally merging the first and second object oriented representations thereby forming a new ol~ject oriented representation of information contained in the first or the second markup documents. This new object oriented representation defines a new state of said application (106). The CRE (224) may further update the new state of the application (106) by retrieving one or more additional markup documents, creating and storing one or more additional object oriented representations of information contained in the one or more additional markup documents, respectively, and merging the one or more additional object oriented representations with the new object oriented representation thereby forming an updated state of the application (106).

Abstract: Two of the principal issues, which have been addressed in assessments of the benefits of web-based instructional systems, are firstly, whether the segmentation of information provided by the web structure aids users in apprehending the interrelationships between the units of information featured in the web. Secondly, whether providing the user with an overview of the web system assists in facilitating his/her learning. It is suggested in the present study that these two issues may be more effectively understood by a consideration of an individual's cognitive style. Fifty participants were assigned to one of two web-based instructional systems featuring information on the subject of psychological ethics. The information in one of the web systems was segmented to a greater degree than the information in the other. Half the participants using each web system were given an overview of the system and half were not. After a given time using the system, participants were tested on the information from the web. The findings suggest that cognitive style and segmentation had an effect on performance, although the provision of the overview had little effect. The results are discussed in terms of a consideration of cognitive style in the design of web-based instructional systems.

Abstract: As firms begin to implement web-based presentation and data mining tools to enhance decision support capability, the firm's knowledge workers must determine how to most effectively use these new web-based tools to deliver competitive advantage. The focus of this study is on evaluating how knowledge workers integrate these tools into their information and knowledge management requirements. The relationship between the independent variables (web-based data mining software tools and business models) and the dependent variable (strategic performance capabilities) is empirically tested in this study. The results from this study demonstrate the positive interaction effect between the tools and models application on strategic performance capability.

Abstract: A unified web-based voice messaging system provides voice application control between a web browser and an application server via an hypertext transport protocol (HTTP) connection on an Internet Protocol (IP) network. The application server executes the voice-enabled web application by runtime execution of a first set of extensible markup language (XML) documents that define the voice-enabled web application to be executed. The application server generates an HTML form specifying selected application parameters from an XML document executable by the voice application. The HTML form is supplied to a browser, enabling a user of the browser to input or modify application parameters for the corresponding XML document into the form. The application server inserts the received input application parameters into the XML document, and stores the document.

Abstract: Mechanisms for allowing allow multi-session capability and session-return enabling stateful web applications include providing a start URL of a requested portal page with an “External Session ID” (ESID). The ESID is an argument that is different between the two instances of the application (on the same page), and leads to different/independent sessions in the server. When a user returns to the same page, the ESIDs are passed again with the individual application requests, and the server can then logically reconnect to the proper session and allow the user to continue. The ESID can be used to return to an application after the user has previously left to go to another application and then desires to come back, or even when the user closed the browser and restarts the application later.

Abstract: Newly developed web-based educational technologies offer researchers unique opportunities to study how students learn and what approaches to learning lead to success. Web-based systems routinely collect vast quantities of data on user patterns, and data mining methods can be applied to these databases. This paper presents an approach to classifying students in order to predict their final grade based on features extracted from logged data in an education web-based system. We design, implement, and evaluate a series of pattern classifiers and compare their performance on an online course dataset. A combination of multiple classifiers leads to a significant improvement in classification performance. Furthermore, by learning an appropriate weighting of the features used via a genetic algorithm (GA), we further improve prediction accuracy. The GA is demonstrated to successfully improve the accuracy of combined classifier performance, about 10 to 12% when comparing to non-GA classifier. This method may be of considerable usefulness in identifying students at risk early, especially in very large classes, and allow the instructor to provide appropriate advising in a timely manner.

Abstract: This work presents an OO software production method that defines a systematic process for conceptual modelling of web applications. The paper discusses a set of minimum primitives to capture the essentials of dynamic web applications and it discusses how to introduce them in a classical model-centered OO method that provides systematic code generation. Finally, the paper presents some ideas to extend this generation process for developing web solutions taking as an input these web enhanced conceptual schemas.