Abstract: This study presents a methodology to evaluate and prevent security vulnerability issues for web applications. The analysis process is based on the use of techniques and tools that allow white-box and black-box security assessments to be performed, to carry out the security validation of a web application in an agile and precise way. The objective of the methodology is to take advantage of the synergies of semi-automatic static and dynamic security analysis tools and manual checks. Each one of the phases contemplated in the methodology is supported by security analysis tools of different degrees of coverage, so that the results generated in one phase are used as feed for the following phases in order to get an optimized global security analysis result. The methodology can be used as part of other more general methodologies that do not cover how to use static and dynamic analysis tools in the implementation and testing phases of a Secure Software Development Life Cycle (SSDLC). A practical application of the methodology to analyze the security of a real web application demonstrates its effectiveness by obtaining a better optimized vulnerability detection result against the true and false positive metrics. Dynamic analysis with manual checking is used to audit the results; 24.6 per cent of the security vulnerabilities reported by the static analysis have been checked, and it allows studying which vulnerabilities can be directly exploited externally. This phase is very important because it permits each reported vulnerability to be checked by a second, dynamic tool to confirm whether a vulnerability is a true or false positive, and it allows studying which vulnerabilities can be directly exploited externally. Dynamic analysis finds six (6) additional critical vulnerabilities. Access control analysis finds another five (5) important vulnerabilities, such as Insufficient Protected Passwords or Weak Password Policy and Excessive Authentication Attacks, two vulnerabilities that permit brute force attacks.
Funding: National Natural Science Foundation of China, No. 31971180 and No. 11474013.
Abstract: Almost all the cellular processes in a living system are controlled by proteins: they regulate gene expression, catalyze chemical reactions, transport small molecules across membranes, and transmit signals across membranes. Even a viral infection is often initiated through virus-host protein interactions. Protein-protein interactions (PPIs) are the physical contacts between two or more proteins, and they represent complex biological functions. Nowadays, PPIs have been used to construct PPI networks to study complex pathways for revealing the functions of unknown proteins. Scientists have used PPIs to find the molecular basis of certain diseases and also some potential drug targets. In this review, we will discuss how PPI networks are essential to understand the molecular basis of virus-host relationships and several databases which are dedicated to virus-host interaction studies. Here, we present a short but comprehensive review on PPIs, including the experimental and computational methods of finding PPIs, the databases dedicated to virus-host PPIs, and the associated various applications in protein interaction networks of some lethal viruses with their hosts.
Abstract: With the popularity of new intelligent mobile devices in people’s lives, the development of mobile applications has paid increasing attention to the interactive experience of users. As the content of the traditional Human-Computer Interaction (HCI) course and teaching material is out of date, it cannot meet the needs of mobile application interaction design and enterprises for students. Therefore, we need a new generation HCI course based on intelligent mobile devices to study the relationship between users and systems. The HCI course not only teaches students HCI theory and models, but also needs to cultivate students’ interaction-oriented design practical ability. This paper proposes a set of HCI teaching material design and teaching methods for improving HCI class quality on mobile application interaction design, so as to make students more suitable for the employment requirements of enterprises.
Abstract: Prior to formation of the micelles of cationic surfactant (CSF), bromopyrogallol red (BPR) could exist in the forms of both monomer and oligomer. After that, however, only BPR monomer existed. Nonionic surfactant OP-10 favoured the oligomerization of BPR monomer. The mixed micellar media prepared by mixing CSF and OP-10 in an appropriate ratio could be used for the sensitive and selective determination of Mo in Mo/W binary mixtures.
Abstract: The Internet is an unarguably valuable resource and tool in assisting ESL/EFL teaching and learning. However, it is also an expensive and not yet soundly developed technology that requires caution when used in teaching language on a large scale. This paper discusses the value of the Internet in teaching languages and the current ways that it is used in teaching English, and examines the applicability of using it in EFL teaching in China.