Examensarbeten och uppsatser / Final Theses
Framläggningar på IDA / Presentations at IDA
If nothing is stated about the presentation language then the presentation is in Swedish.
Due to current distance mode thesis presentations during spring of 2020 will take place online. See more information on the page for online presentations (also link in the menu). If password is required to access the online presentation, please contact the examiner (type in the examiner's name in the search bar in the top right, and choose "Sök IDA-anställda" in the menu).
- 2022-06-03 kl 11:15 i Allen Newell
Användarstudie av egenbyggda billiga VR-handskar med haptik
Författare: Gabriel Bragazzi Eriksson, Jonathan Rubensson
Opponenter: Gustaf Lönnkvist, Gustav Nordqvist
Handledare: Mattias Arvola
Examinator: Stefan Holmlid
Nivå: Avancerad (30hp)
This study was conducted to explore budget DIY VR-gloves with haptics, and its use cases within Virtual Reality. Firstly, the VR-gloves were built according to an open-source project, called LucidGloves. A user test with 19 users was later conducted, where the VR-gloves were compared to Vive-controllers regarding the user experience in a VR-environment. The result for the entire test group showed no significant difference between the two units. A significant difference was found for the males, where the virtual hands were perceived more as their own (virtual body ownership) when using the VR-gloves. For the experienced VR-users, there was a significant difference regarding the object interaction, where the Vive-controllers appeared more realistic. The conclusions made is that if VR-gloves increase virtual body ownership for males, there is a potential to increase performance in VR-training simulators with VR-gloves. It is also crucial that the VR-gloves perform faultless to keep the user’s presence in VR. This is at the same time is difficult to do with one pair of gloves which should suit multiply hand sizes. The suggestions for improvement that were identified was to develop the responsivity and interaction for the VR-gloves, which however was not done in the study due to insufficient resources. Further areas of improvement were to increase the robustness of the gloves, where suggestions were developed regarding a different component layout, battery placement and cord attachment.
- 2022-06-07 kl 08:15 i Alan Turing
Study of the techniques used by OWASP ZAP for analysis of vulnerabilities in web applications
Författare: Isak Häggström, Adam Jakobsson
Opponenter: Marcus Elander, Philip Gunnarsson
Handledare: Sahand Sadjadee
Examinator: Eva Blomqvist
Nivå: Avancerad (30hp)
Today, new web applications are made every single day with increasingly more sensitive data to manage. To ensure that no security vulnerabilities such as data leakage in web application exists, developers are using tools such as a web vulnerability scanner. This type of tool can detect vulnerabilities by automatically finding input fields where data can be injected and perform different attacks on these fields. One of the most common web vulnerability scanner is OWASP ZAP. Web vulnerability scanners were first developed during a time when traditional multi-page applications were prominent. Nowadays, when the modern single-page applications have become the de facto standard, new challenges for web vulnerability scanners have arisen. These problems include identifying dynamically updated web pages. This thesis aims to evaluate the techniques used by OWASP ZAP and several other web vulnerability scanners for identifying two of the most common vulnerabilities, SQL injections and cross site scripting. This issue is approached by testing the selected web vulnerability scanners on deliberately vulnerable web applications, to assess the performance and techniques used, to determine if the performance of OWASP ZAP could be improved. If an identified technique in another web vulnerability scanner performed better than the counterpart in OWASP ZAP, it will be implemented in OWASP ZAP and evaluated. From the tests performed, it could be concluded that the performance of OWASP ZAP were lacking in the search for input fields, where a depth first search algorithm were used. The breadth first search algorithm used by other scanners were proven to be more effective in specific cases, and was therefore implemented in OWASP ZAP. The result proves that the use case for the two algorithms differs between web applications and by using both of the algorithms to find vulnerabilities, a better performance is achieved.
Page responsible: Ola Leifler
Last updated: 2020-06-11