Requirements engineering (RE) is often seen as an essential facet in software development. It is a vital process before each project starts. In the context of systems engineering, an understanding and Application of systems theory and practice is also relevant to RE. The contexts in which RE takes place habitually involve human activities. Therefore, RE needs to be sensitive to how people perceive and understand the world around them, how they interact, and how the sociology of the workplace affects their actions. This paper will propose a new approach in requirements elicitation process by considering the human intervention in each activity involve with the development process. Web Application development requires proper elicitation process because it has its own distinctive features.Without proper elicitation process, the requirements will turn to be inaccurate and incomplete thus will increase the ambiguity. Therefore, this paper will examine the role of the activity theory in order to decrease the impact of the said problems or to avoid them. Some analysis will be made over the theory in order to discover its sustainability in promoting and maintaining the quality of the requirements, with the aim to underline better way of eliciting the requirements for the Web Application.

Web Application  rewalls (WAFs) are used for protecting Web Applications from attacks such as SQL injection, cross-site request forgery, and cross-site scripting. As a result of the growing complexity of Web attacks, WAFs need to be tested and updated on a regular basis. There are various tools and techniques to verify the correct performance of a WAF. But most of the techniques are manual or use brute-force attacks, so su er from poor e cacy. In this work, we propose a solution based on Reinforcement Learning (RL) to discover malicious payloads, which are able to bypass WAFs. We provide an RL framework with an environment compatible with OpenAI gym toolset standards. The environment is employed for training agents to implement WAF circumvention tasks. The agent mutates the syntax of a malicious payload using a set of modi cation operators as actions, without changes to its semantic. Then, upon WAF's reaction to the payload, the environment ascertains a reward for the agent. Eventually, based on these rewards, the agent learns a suitable sequence of mutations for any malicious payload. The payloads, which bypass the WAF determine rules defects, which can be further used in rule tuning for rule-based WAFs. Also, it can enrich the machine learning-based WAFs datasets for retraining. We use Q-Learning, Advantage Actor-Critic (A2C), and Proximal Policy Optimization (PPO) algorithms with the deep neural network. Our solution is successful in evading signature-based and machine learning-based WAFs. While our focus in this work is on SQL injection, the method can be simply extended to use for any string-based injection attacks.

SQL injection (SQLi) is one of the most common attacks against database servers and has the potential to threaten server services by utilizing SQL commands to change, delete, or falsify data. In this study, researchers tested SQLi attacks against Websites using a number of tools, including Whois, SSL Scan, Nmap, Open Web Application Security Project (OWASP) Zap, and SQL Map. Then, researchers identified SQLi vulnerabilities on the tested Web server. Next, researchers developed and implemented mitigation measures to protect the Website from SQLi attacks. Test results using OWASP Zap identified 14 vulnerabilities, with five of them at a medium level of 35%, seven at a low level of 50%, and two at an informational level of 14%. Meanwhile, testing using SQL Map succeeded in gaining access to the database and username on the Web server. The next step in this research is to provide recommendations for installing a firewall on the Website as a mitigation measure to reduce the risk of SQLi attacks. The main contribution of this research is the development of a structured methodology to identify and address SQLi vulnerabilities in Web servers, which play an important role in maintaining data security and integrity in a rapidly evolving online environment.

Web Application Firewall (WAF) is known as one of the Intrusion Detection System (IDS) solutions for protecting Web servers from HTTP attacks. WAF is a tool to identify and prevent many types of attacks, such as XSS and SQL-injection. In this paper, deep machine learning algorithms are used for enriching the WAF based on the anomaly detection method. Firstly, we construct attributes from HTTP data, to do so we consider two models namely n-gram and one-hot. Then, according to Auto-Encoder LSTM (AE-LSTM) as an unsupervised deep leaning method, we should extract informative features and then reduce them. Finally, we use ensemble isolation forest to train only normal data for the classifier. We apply the proposed model on CSIC 2010 and ECML/ PKDD 2007 datasets. The results show AE-LSTM has higher performance in terms of accuracy and generalization compared with naï ve methods on CSIC dataset; the proposed method also have acceptable detection rate on ECML/PKDD dataset using n-gram model.

L-Atur is a Web Application with the essence of human and machine collaboration that assists users who don't have coding or design skills to generate their customized products. We noticed that our previous version only supported small-scale designs properly, and the generated shapes didn't provide enough visual complexity for large-scale results. In this paper, we improved the supported grammatical properties in order to expand design variations. We offered random and specified color choices, variable line thickness, and multi-rule L-systems grammars as the new options for the current version of L-Atur. We also provided an in-depth analysis of how these new suggested properties can have fundamental impacts on the generated designs visually. We also discussed grammatical evolution as a solution to improve grammatical diversity by using machine-generated ones. As a result, the current version can cover broadened design aspects ranging from small-scale products to large ones with diverse levels of complexity and a high level of visual novelty.

Large-scale production of Nano fibres requires quality control. Uniformity in fibrous structures plays an important role in defining appearance, performance, etc. For example, in filtration processes, Web performance is largely dependent on the uniformity of the Web. In this paper, image analysis method based on mottle and graininess algorithms for Nano-Web uniformity measurement was proposed. An appropriate computer program based on ISO-13660 standard mottle and graininess algorithms was developed and uniformity of the Black and White images were measured. Image processing algorithm is applied on two types of images: simulated and real Nano-Web images. The result indicates that the attempt to use the mottle and graininess algorithms for determining Nano-Web uniformity measurement has been successful. Also, inverse of graininess are reasonably good in evaluatinguniformity of Nano-Web. This method has capability of being used as on-line technique for quality control of Nano-Web uniformity.