A new PhD student, Sylvester Ajah, joins the University of Northampton to research into Computing.
Sylvester has come to work with Dr Ali Al-Sherbaz and Dr Scott Turner on Weightless Wireless Networks. Weightless networks are new approach in Machine-to-Machine (M2M) technology.
The University of Northampton (specifically Department of Computing and Immersive Technology, School of Science and Technology) is one of only five Universities to be members of the Weightless Special Interest Group (http://www.weightless.org/membership-login/list-of-members) that coordinate and enable all the activities needed to deliver the Weightless standard.
More details about Weightless can be found here.
Computing within Northamptonshire is dynamic with interests in many aspects of computing and engineering. All views are the author and the site is the property of the author.
Thursday 31 January 2013
Wednesday 30 January 2013
20 000 page views and counting
The blog has now exceeded 20000 page views.
Pageviews by Countries
Most popular posts over the last month
19 Jan 2013
|
32
| |||||||||
3 Jan 2013
|
25
| |||||||||
24 Jan 2013, 1 comment
|
21
| |||||||||
20
| ||||||||||
7 Jan 2013
|
18
| |||||||||
21 Dec 2012
|
18
| |||||||||
24 Jan 2013
|
18
| |||||||||
24 Jan 2013
|
18
| |||||||||
16
| ||||||||||
15
|
Monday 28 January 2013
Tool for web application vulnerability scanning
A recent MSc student project by Akhil Antony looked at a website that allows certain security risks (SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery) to be tested for.
Abstract:
Web applications are open and available on the internet 24/7 and the attackers can easily access the applications from anywhere and can penetrate the system by identifying and exploiting the vulnerability exists within it. Probability of web applications to be attacked is very high compared to the offline applications. The number of new developments for security enhancements is tend to be increasing, on the other hand the new modern technologies like HTML5, CSS3, jQuery, Silverlight and so on creates new vulnerabilities every minute and the number of such attacks increasing in a very high order. The attacker not just looking for the sensitive information from the victims web application; these applications could be used for further criminal activities including terrorism, drug dealing etc. The research is to investigate the vulnerabilities affecting the web applications and to develop an automated web application vulnerability scanner. The investigation is also focuses on the motivations and profits behind these attacks. With this application users could be able to test the web application’s security rating based on the possible vulnerabilities and developers could be able to perform penetration search within their application.
Web applications are open and available on the internet 24/7 and the attackers can easily access the applications from anywhere and can penetrate the system by identifying and exploiting the vulnerability exists within it. Probability of web applications to be attacked is very high compared to the offline applications. The number of new developments for security enhancements is tend to be increasing, on the other hand the new modern technologies like HTML5, CSS3, jQuery, Silverlight and so on creates new vulnerabilities every minute and the number of such attacks increasing in a very high order. The attacker not just looking for the sensitive information from the victims web application; these applications could be used for further criminal activities including terrorism, drug dealing etc. The research is to investigate the vulnerabilities affecting the web applications and to develop an automated web application vulnerability scanner. The investigation is also focuses on the motivations and profits behind these attacks. With this application users could be able to test the web application’s security rating based on the possible vulnerabilities and developers could be able to perform penetration search within their application.
Most
of the web applications suffers from generic validation errors and causes
security vulnerabilities. SQL Injection, Cross-Site Scripting (XSS), Cross-Site
Request Forgery etc are examples of popular vulnerabilities exist within web
applications. Majority of these web vulnerabilities are easy to identify and
avoid, but unfortunately the developers are not much security aware or they
work in very small time constraints. As a result more and more web applications
on the internet would be vulnerable. (Stefan Kals, 2006)
The
cyber crimes and the cyber attacks to web applications could be categorized on
a general principle that what illegal offline is illegal online. The research
is on the crimes which can only be carried out using the internet, including
attacks on computer systems to disrupt IT infrastructure, and the stealing of
data over a network using malware, often to enable further crime. The cyber
attackers attempt to access information stored on a computer. Information may
have a sale value (corporate espionage), may be valuable to the owner (ransom opportunity)
or may be useful for further illegal activity such as fraud. Threats,
motivations and profit achieved from cyber attacks being investigated.
Computing Courses
BSc and HND Computing Provision (click on the links below for more details of the courses)
BSc and HND Computing Provision (click on the links below for more details of the courses)
- BSc (Hons) Computing (also available part-time)
- BSc (Hons) Computing (Graphics and Visualisation)
- BSc (Hons) Computing (Internet Technology and Security)
- BSc (Hons) Computing (Mobile Computing)
- BSc (Hons) Computing (Software Engineering)
- BSc (Hons) Computing - One Year Top-Up
- BSc Computer Games Development
- HND Computing (Computer Networks Engineering)
- HND Computing (Computer Systems Engineering)
- HND Computing (Graphics and Visualisation)
- HND Computing (Internet Technology and Security)
- HND Computing (Mobile Computing)
- HND Computing (Software Engineering)
- HND Computing
The University of Northampton's, Department of Computing and Immersive Technologies offers five courses within the MSc Computing postgraduate provision (shown below) all available either part-time or full-time.
- MSc Computing
- MSc Computing (Internet Technology and Security)
- MSc Computing (Computer Networks Engineering)
- MSc Computing (Software Engineering)
- MSc Computing (Immersive Technologies)
The contents are the opinion of the author(s) and not necessarily the view of the University of Northampton.
Cloud Computing Infrastructure
Recent MSc Computing (Internet Technology and Security) dissertation work within the School of Science and Technology, University of Northampton, UK by Hang Xu.
Abstract
Cloud Computing (the Cloud) is getting hot in recent years
as well as the Cloud Computing Infrastructures which can be used to the
deployment of the Cloud infrastructure for enterprises, communities, or
individuals. OpenStack is one of the major cloud computing infrastructure and
services providers which have been developed by NASA and Rackspace. Another
term, Energy-Efficiency is being considered as a more and more important cloud
due to the effect that the IT technologies have made to the environment. Servers,
cooling systems and so on are generating a great number of CO2 emissions
to the global. Therefore, the research and technology on approaches about
reducing the CO2 emissions is getting more and more important to the
entire IT industry. In this paper, the relationship between the Cloud and
Energy-Efficiency will be discussed along with the achievement that has been
made to reduce CO2 emissions in recent years. Then, models for
deploying OpenStack will be created and the OpenStack cloud computing platform
will be implemented to the models. In the end, the author is going to discuss
the achievement of this paper.
Supervisor: Dr James Xue
Computing Courses
BSc and HND Computing Provision (click on the links below for more details of the courses)
BSc and HND Computing Provision (click on the links below for more details of the courses)
- BSc (Hons) Computing (also available part-time)
- BSc (Hons) Computing (Graphics and Visualisation)
- BSc (Hons) Computing (Internet Technology and Security)
- BSc (Hons) Computing (Mobile Computing)
- BSc (Hons) Computing (Software Engineering)
- BSc (Hons) Computing - One Year Top-Up
- BSc Computer Games Development
- HND Computing (Computer Networks Engineering)
- HND Computing (Computer Systems Engineering)
- HND Computing (Graphics and Visualisation)
- HND Computing (Internet Technology and Security)
- HND Computing (Mobile Computing)
- HND Computing (Software Engineering)
- HND Computing
The University of Northampton's, Department of Computing and Immersive Technologies offers five courses within the MSc Computing postgraduate provision (shown below) all available either part-time or full-time.
- MSc Computing
- MSc Computing (Internet Technology and Security)
- MSc Computing (Computer Networks Engineering)
- MSc Computing (Software Engineering)
- MSc Computing (Immersive Technologies)
The contents are the opinion of the author(s) and not necessarily the view of the University of Northampton.
Subscribe to:
Posts (Atom)