[Show abstract][Hide abstract] ABSTRACT: The key contribution of Aspect-Oriented Programming (AOP) is the encapsulation of crosscutting concerns in aspects, which facilities modular reasoning. However, common methods of introducing aspects into the system, incorporating features such as implicit control-flow, mean that the ability to discover interactions between aspects can be compromised. This has profound implications for developers working on fault-tolerant systems. We present an analysis for aspects which can re- veal these interactions, thus providing insight into positioning of error detection mechanisms and outlining candidate containment units. We also present Aida, an implementation of this analysis for the AspectJ language.
[Show abstract][Hide abstract] ABSTRACT: Public user profile information is a common feature of modern websites. These profiles can provide a valuable resource for investigators tracing digital artefacts of crime, but current approaches are limited in their ability to link identities across different platforms. We address this through a service-independent model of user profile information, grounded in the details visible on a number of the most-frequented sites on the web. Building on this, we report the details most widespread across platforms and the number of features visible on each site, thus highlighting details of use to both privacy researchers and investigators attempting to cross-link profiles.
IEEE Joint Intelligence and Security Informatics Conference (JISIC), The Hague; 09/2014
[Show abstract][Hide abstract] ABSTRACT: The Isis toolkit offers the sophisticated capabilities required to analyze digital personas and provide investigators with clues to the identity of the individual or group hiding behind one or more personas.
[Show abstract][Hide abstract] ABSTRACT: One of the aims of Aspect-Oriented Requirements Engineering is to ad- dress the composability and subsequent analysis of crosscutting and non-crosscutting concerns during requirements engineering. A composition definition explicitly rep- resents interdependencies and interactions between concerns. Subsequent analysis of such compositions helps to reveal conflicting dependencies that need to be resolved in requirements. However, detecting conflicts in a large set of textual aspect-oriented requirements is a difficult task as a large number of explicitly defined interdependen- cies need to be analyzed. This paper presents EA-Analyzer, the first automated tool for identifying conflicts in aspect-oriented requirements specified in natural-language text. The tool is based on a novel application of a Bayesian learning method. We present an empirical evaluation of the tool with three industrial-strength requirements documents from different domains and a fourth academic case study used as a de facto benchmark in several areas of the aspect-oriented community. This evaluation shows that the tool achieves up to 93.90 % accuracy regardless of the documents chosen as the training and validation sets.
[Show abstract][Hide abstract] ABSTRACT: The volume of illegal material on file-sharing networks poses a challenge for investigators attempting to police such networks. We propose a novel approach that automates the resource intensive task of identifying previously unknown files of interest amongst hundreds of thousands of files shared on such net-works. We also describe how this approach could be used to identify clusters of peers that might be closely related to each other, either as part of a syndicate, or as multiple personae of the same individual. Our approach is based on the collaborative filtering techniques typically used in recommender systems. In this study we find that we can successfully make use of collaborative filtering techniques to find new media belonging to specific categories of interest to an investigation of a peer-to-peer network, without having to examine filenames or file contents. We also find evidence that distance metrics from collaborative filtering could be useful in the clustering and identification of peers on file-sharing networks. Additionally, we describe an unsuccessful attempt at using collaborative filtering to predict the future file-sharing behaviour of peers.
[Show abstract][Hide abstract] ABSTRACT: Early aspects are crosscutting concerns that are identified and addressed at the requirements and architecture level, while code aspects are crosscutting concerns that manifest at the code level. Currently, there are many approaches to address the identification and modularization of these cross- cutting concerns at each level, but very few techniques try to analyze the relationship between early aspects and code as- pects. This paper presents a tool for automating the process of identifying traceability links between requirements-level aspects and code aspects, which is a first step towards an analysis of the relationship between the early aspects and code aspects. We also present an empirical evaluation of the tool with a real-life Web-based information system and a software product line for handling data on mobile devices. The results show that we can identify traceability links be- tween early aspects and code aspects with a high accuracy.
[Show abstract][Hide abstract] ABSTRACT: Online social networks are now common place in day-to-day lives. They are also increasingly used to drive social action initiatives, either led by government or communities themselves (e.g., SeeClickFix, LoveLewisham.org, mumsnet). However, such initiatives are mainly used for crowd sourcing community views or coordinating activities. With the changing global economic and political landscape, there is an ever pressing need to engage citizens on a large-scale, not only in consultations about systems that affect them, but also involve them directly in the design of these very systems. In this paper we present the UDesignIt platform that combines social media technologies with software engineering concepts to empower communities to discuss and extract high-level design features. It combines natural language processing, feature modelling and visual overlays in the form of “image clouds” to enable communities and software engineers alike to unlock the knowledge contained in the unstructured and unfiltered content of social media where people discuss social problems and their solutions. By automatically extracting key themes and presenting them in a structured and organised manner in near real-time, the approach drives a shift towards large-scale engagement of community stakeholders for system design.
Proceedings - International Conference on Software Engineering 01/2012;
[Show abstract][Hide abstract] ABSTRACT: The collection of representative corpus samples of both child language and online (CMC) language varieties is crucial for linguistic research that is motivated by applications to the protection of children online. In this paper, we present an extensive survey of corpora available for these two areas. Although a significant amount of research has been undertaken both on child language and on CMC language varieties, a much smaller number of datasets are made available as corpora. Especially lacking are corpora which match requirements for verifiable age and gender metadata, although some include self-reported information, which may be unreliable. Our survey highlights the lack of corpus data available for the intersecting area of child language in CMC environments. This lack of available corpus data is a significant drawback for those wishing to undertake replicable studies of child language and online language varieties.
International Journal of Corpus Linguistics 01/2012; 17(4). · 0.77 Impact Factor
[Show abstract][Hide abstract] ABSTRACT: Privacy control mechanisms for online social networks (OSNs) offer little by way of managing access to a user's personal information by third-party applications (TPAs). Most OSNs provide an "accept all or nothing" mechanism for managing permissions from TPAs to access a user's private data. In this paper, we propose an approach that makes all requests for private data from TPAs explicit and enables a user to exert fine-grained access control over what profile data can be accessed by individual applications. Equally importantly, our approach also allows users to share their access control configurations for TPAs with their friends who can reuse and rate such configurations. This is particularly beneficial to novice users or those new to a particular TPA or an OSN. We present an implementation of our approach for managing privacy for third-party Facebook applications and report an initial evaluation (N=50). A significant proportion of our sample (76%) found the collaborative privacy management approach useful in determining the type of applications one might use based on its privacy rankings and noted a raised awareness about data privacy issues arising from use of TPAs.
[Show abstract][Hide abstract] ABSTRACT: Model-driven engineering, especially using domain-specific lan-guages, allows constructing software from abstractions that are more closely fitted to the problem domain and that better hide technical details of the solution space. Code generation is used to produce ex-ecutable code from these abstractions, which may result in individ-ual concerns being scattered and tangled throughout the generated code. The challenge, then, becomes how to modularise the code-generator templates to avoid scattering and tangling of concerns within the templates themselves. This paper shows how symmet-ric, language-aware approaches to aspect orientation can be applied to code generation to improve modularisation support.
[Show abstract][Hide abstract] ABSTRACT: An increasing number of people are sharing ever-greater amounts of private information, making social networking sites a "personal data ecosystem". Such networks publish lengthy privacy policies explaining their data practices and provide users with extensive privacy controls to manage what they share and with whom. Despite this, privacy concerns over social networks are on the rise. It is not clear whether the published privacy policies are effectively reflected in privacy controls of the sites. In this paper we describe an exploratory approach that examines whether a clear mapping can be established between the privacy policies of social networking sites and the privacy controls. Our preliminary results show a significant disconnect between the two dichotomies.
PASSAT/SocialCom 2011, Privacy, Security, Risk and Trust (PASSAT), 2011 IEEE Third International Conference on and 2011 IEEE Third International Confernece on Social Computing (SocialCom), Boston, MA, USA, 9-11 Oct., 2011; 01/2011
[Show abstract][Hide abstract] ABSTRACT: Aspect-Oriented Programming (AOP) has introduced a complementary set of mechanisms which enhance the modularisation of crosscutting concerns. However, such mechanisms represent new potential sources of faults that may be systematically tackled with mutation testing. In this demonstration we present a tool, named Proteum/AJ, which automates the mutation testing of AspectJ programs. Proteum/AJ supports the main steps of this testing approach and realises a set of requirements for mutation-based testing tools like mutant handling, test case handling and mutant analysis. Our experience in using the tool provided us with evidence on the feasibility of performing mutation testing of AO programs. In this demonstration we are going to share some of this experience with the audience.
Companion Volume of the 10th International Conference on Aspect-Oriented Software Development, AOSD 2011, Porto de Galinhas, Brazil, March 21-25, 2011; 01/2011
[Show abstract][Hide abstract] ABSTRACT: The requirements and design level identification and representation of dynamic variability for adaptive systems is a challenging task. This requires time and effort to identify and model the relevant elements as well as the need to consider the large number of potentially possible system configurations. Typ- ically, each individual variability dimension needs to identified and modelled by enumerating each possible alternative. The full set of requirements needs to be reviewed to extract all potential variability dimensions. Moreover, each possible configuration of an adaptive system needs to be validated before use. In this demonstration, we present a tool suite that is able to manage dynamic variability in adaptive systems and tame such system complexity. This tool suite is able to automatically identify dynamic variability attributes such as variability dimensions, context, adaptation rules, and soft/hard goals from requirements documents. It also supports modelling of these artefacts as well as their run-time verification and validation. Index Terms—adaptive systems, feature models, natural lan- guage processing, modelling;
RE 2011, 19th IEEE International Requirements Engineering Conference, Trento, Italy, August 29 2011 - September 2, 2011; 01/2011
[Show abstract][Hide abstract] ABSTRACT: As aspects extend or replace existing functionality at specific join points in the code, their behavior may raise new exceptions, which can flow through the program execution in unexpected ways. Assuring the reliability of exception handling code in aspect-oriented (AO) systems is a challenging task. Testing the exception handling code is inherently difficult, since it is tricky to provoke all exceptions during tests, and the large number of different exceptions that can happen in a system may lead to the test-case explosion problem. Moreover, we have observed that some properties of AO programming (e.g., quantification, obliviousness) may conflict with characteristics of exception handling mechanisms, exacerbating existing problems (e.g., uncaught exceptions). The lack of verification approaches for exception handling code in AO systems stimulated the present work. This work presents a verification approach based on a static analysis tool, called SAFE, to check the reliability of exception handling code in AspectJ programs. We evaluated the effectiveness and feasibility of our approach in two complementary ways (i) by investigating if the SAFE tool is precise enough to uncover exception flow information and (ii) by applying the approach to three medium-sized ApectJ systems from different application domains.
[Show abstract][Hide abstract] ABSTRACT: Due to the very large number of configurations that can typically be derived from a Dynamic Software Product Line (DSPL), efficient and effective testing of such systems have become a major challenge for software developers. In particular, when a configuration needs to be deployed quickly due to rapid contextual changes (e.g., in an unfolding crisis), time constraints hinder the proper testing of such a configuration. In this paper, we propose to reduce the testing required of such DSPLs to a relevant subset of configurations. Whenever a need to adapt to an untested configuration is encountered, our approach determines the most similar tested configuration and reuses its test results to either obtain a coverage measure or infer a confidence degree for the new, untested configuration. We focus on providing these techniques for inference of structural testing results for DSPLs, which is supported by an early prototype implementation.
SIGSOFT/FSE'11 19th ACM SIGSOFT Symposium on the Foundations of Software Engineering (FSE-19) and ESEC'11: 13rd European Software Engineering Conference (ESEC-13), Szeged, Hungary, September 5-9, 2011; 01/2011
[Show abstract][Hide abstract] ABSTRACT: Aspect developers constantly make a range of assumptions about the context in which their aspects will be deployed; ranging from assumptions about other aspects deployed to assumptions about semantic properties of the base and the joinpoints at which an aspect is woven. Although it has been acknowledged that such assumptions need to be made explicit to validate aspects in the face of evolution (both of aspects and the base) and reuse as well as to mitigate the fragile-pointcut problem, so far no study exists that identifies the types of assumptions aspect developers make. In this paper, we present a retrospective study of three medium-sized open-source AspectJ projects and assumptions identified in these. This leads to an initial classification of assumptions that can form the basis for further research into how best to support each type of assumption.
Proceedings of the 10th International Conference on Aspect-Oriented Software Development, AOSD 2011, Porto de Galinhas, Brazil, March 21-25, 2011; 01/2011