Master Degree / Yüksek Lisans Tezleri

Permanent URI for this collectionhttps://hdl.handle.net/11147/3008

Browse

Filters

2014 - 20152

Settings

Author: search.filters.author.Tuğlular, TuğkanSubject: search.filters.subject.JavaScript (Computer program language)

Search Results

Now showing 1 - 2 of 2
  • Master Thesis
    Collection and Classification of Javascript Libraries Included in Website
    (Izmir Institute of Technology, 2015) Atıcı, İrem; Tuğlular, Tuğkan; Tuğlular, Tuğkan; 03.04. Department of Computer Engineering; 03. Faculty of Engineering; 01. Izmir Institute of Technology
    Over the past years, web development processes have been improved incredibly with the fact that websites and web applications became extremely useful and beneficial in several different areas such as business, education, e-commerce, entertainment etc. At the same time, web development tools and technologies have been improved to be able to develop more creative and interactive websites and web applications. Therefore, a wide variety of methods, tools and languages for developing websites and web applications are available for the web developers nowadays. In this thesis, JavaScript among all of the web development technologies is analyzed with the hope of contributing web development processes. A prototype named JS_Librarian has been developed for this thesis with the purpose of collection and classification of JavaScript libraries included in websites. The application accepts website URLs as input. After it receives URLs, it makes request to the webpages of the website and retrieves the HTML code. Then JavaScript code is extracted from the HTML code, so the basic process of information retrieval is achieved in this way. After the information retrieval process, JavaScript codes are analyzed and selected classification methods are applied to the URLs that are residing in the system. At the end of the study, JavaScript libraries have been classified based on specified website categories and the retrieval reports from the application represents that class of JavaScript libraries used in websites may vary according to categories of websites.
  • Master Thesis
    Measurement of Javascript Applications' Readiness To Untrusted Data Using Bayesian Networks
    (Izmir Institute of Technology, 2014) Ufuktepe, Ekincan; Ufuktepe, Ekincan; Tuğlular, Tuğkan; Tuğlular, Tuğkan; 03.04. Department of Computer Engineering; 03. Faculty of Engineering; 01. Izmir Institute of Technology
    Web applications have become an integral part of our daily lives. People mostly provide their important needs, such as people keep their private data, do their banking transactions, shopping etc. through web applications. Therefore, web applications have been an attractive target to malicious individuals and organizations. The usage of JavaScript language by web application developers is increasing very fast, especially after JavaScript started to service back-end developers as well. Therefore, JavaScript has incorporated both front-end and back-end developers. Concurrently, due to flexibility and its most popular library called jQuery, JavaScript has become an attractive to web application developers. OWASP updates the top 25 security vulnerabilities regularly. According the results, SQL Injection (CWE-89) and Operating System Command Injection (CWE-78) has taken the 1st place and Cross-Site Scripting (XSS) (CWE-79) has taken the 3rd place. The results shows that three input validation based vulnerabilities appear in the top three; therefore, it can be said that input validation vulnerabilities have become critical vulnerabilities of web applications. However, developers still fail to validate the inputs or use libraries to protect their web applications against input validation vulnerabilities. In this thesis, JavaScript application’s functions are analyzed to determine if their parameters are validated or not. Then, according to the invalidated inputs, a Bayesian Network to measure its readiness to input validation vulnerabilities is generated.