Iconic hyperlinks on e-commerce websites

The proper use of iconic interfaces reduces system complexity and helps users interact with systems more easily. However, due to carelessness, inadequate research, and the web's relatively short history, the icons used on web sites often are ambiguous. Because non-identifiable icons may convey meanings other than those intended, designers must consider whether icons are easily identifiable when creating web sites. In this study, visual icons used on e-business web sites were examined by population stereotypy and categorized into three groups: identifiable, medium, and vague. Representative icons from each group were tested by comparing selection performance in groups of student volunteers, with identifiable and medium icons improving performance. We found that only easily identifiable icons can reduce complexity and increase system usability.     

Evidence for global feature superiority in menu selection by icons

A search-and-select paradigm was adopted to investigate which visual characteristics of icons are relevant for menu selection. Two icon sets (abstract icons, representational icons) were compared to a word command set. For abstract icons, global features were used in order lo maximize their visual distinctiveness. For representational icons local features were used in order to ensure a high degree of representativeness and a small “articulatory distance”. Results revealed that abstract icons were searched and selected much faster than both word commands and representational icons. In addition, response time functions indicated that abstract icons can be searched in parallel (no effect of menu size) whereas word commands and representational icons have to be searched sequentially. Error rates were small in all conditions, and there was no indication of a speed-accuracy tradeoff. Thus, when icons are used in menu selection, visual distinctiveness (due to global features) seems to override respresentativeness (due to local features).     

基于XmlGlue的浏览器扩展技术研究

随着3G时代的到来,移动浏览器与传统的桌面浏览器在功能方面的区别越来越小。浏览器在移动设备上扮演着重要的角色,越来越多的应用和服务将通过浏览器发布。然而,与传统的应用相比,基于浏览器的网络应用缺乏本地调用的功能。该文提出了一种基于XmlGlue编程模型和CAR构件技术的方法,对开源浏览器引擎WebKit进行扩展。     

Enhancing web browser security against malware extensions

In this paper we examine security issues of functionality extension mechanisms supported by web browsers. Extensions (or “plug-ins”) in modern web browsers enjoy unrestrained access at all times and thus are attractive vectors for malware. To solidify the claim, we take on the role of malware writers looking to assume control of a user’s browser space. We have taken advantage of the lack of security mechanisms for browser extensions and implemented a malware application for the popular Firefox web browser, which we call browserSpy, that requires no special privileges to be installed. browserSpy takes complete control of the user’s browser space, can observe all activity performed through the browser and is undetectable. We then adopt the role of defenders to discuss defense strategies against such malware. Our primary contribution is a mechanism that uses code integrity checking techniques to control the extension installation and loading process. We describe two implementations of this mechanism: a drop-in solution that employs JavaScript and a faster, in-browser solution that makes uses of the browser’s native cryptography implementation. We also discuss techniques for runtime monitoring of extension behavior to provide a foundation for defending threats posed by installed extensions.     

Detection of cloaked web spam by using tag-based methods

Web spam attempts to influence search engine ranking algorithm in order to boost the rankings of specific web pages in search engine results. Cloaking is a widely adopted technique of concealing web spam by replying different content to search engines’ crawlers from that displayed in a web browser. Previous work on cloaking detection is mainly based on the differences in terms and/or links between multiple copies of a URL retrieved from web browser and search engine crawler perspectives. This work presents three methods of using difference in tags to determine whether a URL is cloaked. Since the tags of a web page generally do not change as frequently and significantly as the terms and links of the web page, tag-based cloaking detection methods can work more effectively than the term- or link-based methods. The proposed methods are tested with a dataset of URLs covering short-, medium- and long-term users’ interest. Experimental results indicate that the tag-based methods outperform term- or link-based methods in both precision and recall. Moreover, a Weka J4.8 classifier using a combination of term and tag features yields an accuracy rate of 90.48%.     

用CORBA和WEB技术构建分布式控制系统

提出并实现了一种基于CORBA和WEB技术的分布式控制系统构架。该构架采用WEB三层结构，便于各层的独立升级，通过对各种异构资源进行CORBA对象封装，实现了异构平台的互操作。在客户端通过WEB浏览器实现对目标资源的分布式控制和访问。     

New rule-based phishing detection method

In this paper, we present a new rule-based method to detect phishing attacks in internet banking. Our rule-based method used two novel feature sets, which have been proposed to determine the webpage identity. Our proposed feature sets include four features to evaluate the page resources identity, and four features to identify the access protocol of page resource elements. We used approximate string matching algorithms to determine the relationship between the content and the URL of a page in our first proposed feature set. Our proposed features are independent from third-party services such as search engines result and/or web browser history. We employed support vector machine (SVM) algorithm to classify webpages. Our experiments indicate that the proposed model can detect phishing pages in internet banking with accuracy of 99.14% true positive and only 0.86% false negative alarm. Output of sensitivity analysis demonstrates the significant impact of our proposed features over traditional features. We extracted the hidden knowledge from the proposed SVM model by adopting a related method. We embedded the extracted rules into a browser extension named PhishDetector to make our proposed method more functional and easy to use. Evaluating of the implemented browser extension indicates that it can detect phishing attacks in internet banking with high accuracy and reliability. PhishDetector can detect zero-day phishing attacks too.     

利用HTML5实现网页图表的研究

越来越多的网络应用程序开始使用B/S模式,从网站统计到企业报表,从普通的饼图到复杂的数据表格,越来越多的图表需要在浏览器中进行展示。通过对下一代网页标准HTML5中的一些新特性的研究,展示了通过这些新特性在web图表展示上的应用。     

有关Ajax相关问题探讨与研究

由于网站的增加随之而来的网页浏览器的重要性也日益增加。利用Ajax方法实豌异步通信的网站模式，让用户看到网站如同桌面应用程序的操作与交互。对Ajax原理研究的同时介绍了利用Ajax技术需要注意的问题，使Web开发人员对该技术有一个新的认识。     

Ontology based web simulation system for hydrodynamic modeling

Hydrodynamic models generally deal with large sets of data and utilize substantial computational resources. Powerful, robust servers with extensive storage capabilities are desirable for rapid execution. Unfortunately, it is not always possible to effort those kinds of facilities whereas a centralized computer system together with a user access interface can be a viable alternative for many clients. The simplest way a client can communicate with the central simulation server is by a web browser because it is available as a pre-installed application on most every computing platform purchased today. This type of environment is called web based simulation or WBS. In this study, the concepts necessary to design and develop a WBS for the simulation of hydrodynamic processes using legacy (FORTRAN) code are introduced. A formal specification of the simulation domain or an ontology has been developed that is the underlying concept to share, retrieve, and move the simulation data between the different components of the WBS. This ontology can also be used for future analysis and reuse of the simulation domain concepts and the associated data sets.     

Representing geotechnical entities on the World Wide Web

This paper describes the development of GeotechML, a mark-up language for representing geotechnical data on the web. GeotechML is a version of XML (Extensible Mark-up Language) specifically targeted at geotechnical engineering. The representation of geotechnical entities such as dams, retaining walls and foundations is presented. Stylesheets and Java applications have been developed to display the data graphically within a web browser. GeotechML will make it possible to search all geotechnical data available on the web. It is suggested that the World Wide Web will become an international repository of geotechnical information, avoiding the need to establish national or international geotechnical databases.     

WEB数据库技术分析研究

该篇文章分析了WEB数据库常用技术,讨论了WEB数据库数据存取的各种模式,着重研究了一种基于B／S结构的WEB数据库技术。     

An ethnographical study of the accessibility barriers in the everyday interactions of older people with the web

Older people experience many barriers when they access to the web. However, little is known about which barriers limit more (or less) their daily interactions. This paper presents some findings based on an ethnographical study of the everyday interactions of nearly 400 older people with the web over 3 years. Difficulties remembering steps, understanding terms and using the mouse are more severe than problems perceiving visual information, understanding icons and using the keyboard. This is largely explained by inclusion, independence and socialization, which are the three key components of real-life web use. This paper also shows that these aspects should be considered in other areas of web and ICT accessibility, as technophobia is not the only experience in the interactions of older people with the web, and both social relationships and life experiences beyond technologies need to be taken into account apart from age-related changes in abilities. These findings suggest that the current focus on compensating for age-related changes in functional abilities needs to be widened. Working towards making the web more accessible should not be divorced from real-life use. This paper discusses implications for web (and ICT) design, training and support.     

Automated analysis of timed security: a case study on web privacy

This paper presents a case study on an automated analysis of real-time security models. The case study on a web system (originally proposed by Felten and Schneider) is presented that shows a timing attack on the privacy of browser users. Three different approaches are followed: LH-Timed Automata (analyzed using the model checker HyTech), finite-state automata (analyzed using the model checker NuSMV), and process algebras (analyzed using the model checker CWB-NC ). A comparative analysis of these three approaches is given.     

基于Web的时变体数据的体绘制方法

传统Web体绘制方法主要集中在利用服务器端进行预处理和绘制任务,浏览器端仅用于呈现绘制结果,这样会造成服务器负载过高,同时,当绘制参数发生更改时,必须向服务器请求新的绘制结果,这样也易受网络延迟的影响。为了解决以上问题,实现在浏览器本地进行体绘制和交互,本文提出一种基于WebGL的体绘制方法,以时变体数据为例,在浏览器端实现光线投射体绘制算法。同时,为了提升绘制效率和减少内存占用,本文基于维度压缩方法,优化时变体数据的预处理过程。最后,本文设计了Web体绘制系统,引入暴风时变数据集以验证方法的有效性,结果表明,本文方法能够在浏览器本地对时变体数据进行体绘制,绘制时间在50ms以下,帧速率可达到50 FPS以上,同时支持实时交互,并且当绘制参数发生更改时,系统能够直接在浏览器端进行重新绘制。     

基于关键词捕捉的中文语音网页浏览器

基于关键词捕捉技术的中文语音网页浏览器,除了提供传统网页浏览器的功能外,还提供了中文语音浏览的功能。语音网页浏览器综合运用了计算机网络、中文关键词捕捉、连续语音识别、端点检测、文本分析等技术,采用中文语音作为输入手段,在用户读出网页中包含的链接关键词后,对语音段进行关键词捕捉,根据结果连接到相应的网页,达到不用鼠标、只用“看和说”即可进行网页浏览的目的。采用关键词捕捉技术的语音网页浏览器具有操作简便、抗噪性能好、识别率高的特点。     

JSF与Ajax在Web应用中整合的三种策略实现与比较

JSF是开发基于MVC模式的Web应用的规范,Ajax是Web端实现与服务器异步通信的技术。两者的结合是目前非常流行的一种开发框架。为了规范表示层的开发模式,根据当前的程序开发者对这两种技术的评价和作者开发的实践,结合一个具体的应用实例,设计了两者应用结合的三种解决策略,并给出针对不同的应用,这三种策略的优劣对比,最后提出了基于JSF平台的Ajax扩展框架构建设想。     

Interactive visual modeling for performance

An overview is given of Q+, an interactive tool for performance modeling that uses graphical input and visual output. Two major enhancements are a subnetwork capability for structuring models hierarchically and an integrated expression capability. New capabilities are custom icons and temporal browsing. With a Q+ icon palette, users can draw their own icons and manipulate existing ones. The browser allows browsing, editing and updating Q+ information, which can be textual or graphical. Automatic model building, operations management, and experimental design with Q+ are discussed