Manuel Maarek | Heriot-Watt University (original) (raw)
Papers by Manuel Maarek
Version Control Systems (VCS) are increasingly used for software education. However they are ofte... more Version Control Systems (VCS) are increasingly used for software education. However they are often used independently of generalpurpose Learning Management Systems (LMS), leading to poor user experiences and data fragmentation. This paper presents a high level programming framework that integrates the Canvas LMS and the GitLab VCS. Eight use case applications are implemented with it, motivated by related work, educator and student surveys we conducted, and our early experience of using GitLab for software education. The framework semi-automates feedback loops, improves the overall user experience for students and educators and reduces administrative time-saving educators up to 16.7 hours in a 12 week semester. The components of our framework are open source for learning technologists to develop their own use cases. CCS CONCEPTS • Applied computing → Learning management systems; Learning management systems; • Social and professional topics → Computer engineering education; • Software and its engineering → Requirements analysis; Software configuration management and version control systems.
arXiv (Cornell University), Aug 13, 2020
Approaches to the safety analysis of software-intensive systems are being adapted to also provide... more Approaches to the safety analysis of software-intensive systems are being adapted to also provide security assurance. Extensions have been proposed to reflect the specific nature of security analysis by introducing intention as a causal factor to reaching unsafe state of the system, or by introducing new layers in the system modelling to model its surface of attack. In this paper we propose to extend these approaches by modelling the attacks perspective alongside the system. We explain how such modelling could be used to verify the coverage of the security analysis and facilitate its maintenance.
Peer feedback has been shown to benefit students’ learning as it develops their critical thinking... more Peer feedback has been shown to benefit students’ learning as it develops their critical thinking and provides more immediate feedback. It relies on the analysis by students of their peers’ work following structured criteria. We propose to apply the same principle to programming courses but in doing so by using techniques of software evaluation: software testing. Students run tests on their peers’ code and engage in peer feedback discussions on the results of the test runs. In this paper we present a testing-based code peer feedback learning activity, we describe its technical framework and integration with GitLab, and we discuss its deployment in an undergraduate course and initial evaluation.
Electronic proceedings in theoretical computer science, Apr 26, 2014
Forensic Science International: Digital Investigation, Oct 1, 2022
Lecture Notes in Computer Science, 2020
Mixer services purportedly remove all connections between the input (deposited) Bitcoins and the ... more Mixer services purportedly remove all connections between the input (deposited) Bitcoins and the output (withdrawn) mixed Bitcoins, seemingly rendering taint analysis tracking ineffectual. In this paper, we introduce and explore a novel tracking strategy, called Address Taint Analysis, that adapts from existing transaction-based taint analysis techniques for tracking Bitcoins that have passed through a mixer service. We also investigate the potential of combining address taint analysis with address clustering and backward tainting. We further introduce a set of filtering criteria that reduce the number of false-positive results based on the characteristics of withdrawn transactions and evaluate our solution with verifiable mixing transactions of nine mixer services from previous reverse-engineering studies. Our findings show that it is possible to track the mixed Bitcoins from the deposited Bitcoins using address taint analysis and the number of potential transaction outputs can be significantly reduced with the filtering criteria.
arXiv (Cornell University), Aug 13, 2020
As part of formative and summative assessments in programming courses, students work on developin... more As part of formative and summative assessments in programming courses, students work on developing programming artifacts following a given specification. These artifacts are evaluated by the teachers. At the end of this evaluation, the students receive feedback and marks. Providing feedback on programming artifacts is time demanding and could make feedback to arrive too late for it to be effective for the students' learning. We propose to combine software testing with peer feedback which has been praised for offering a timely and effective learning activity with program testing. In this paper we report on the development of a Web platform for peer feedback on programming artifacts through program testing. We discuss the development process of our peer-testing platform informed by teachers and students. CCS Concepts • Social and professional topics → Software engineering education; Computer science education; • Software and its engineering → Software testing and debugging; • Applied computing → Collaborative learning;
2022 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)
EICC 2022: Proccedings of the European Interdisciplinary Cybersecurity Conference
2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)
2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 2020
United Kingdom & Ireland Computing Education Research conference., 2020
Peer feedback has been shown to benefit students’ learning as it develops their critical thinking... more Peer feedback has been shown to benefit students’ learning as it develops their critical thinking and provides more immediate feedback. It relies on the analysis by students of their peers’ work following structured criteria. We propose to apply the same principle to programming courses but in doing so by using techniques of software evaluation: software testing. Students run tests on their peers’ code and engage in peer feedback discussions on the results of the test runs. In this paper we present a testing-based code peer feedback learning activity, we describe its technical framework and integration with GitLab, and we discuss its deployment in an undergraduate course and initial evaluation.
Lecture Notes in Computer Science, 2019
Approaches to the safety analysis of software-intensive systems are being adapted to also provide... more Approaches to the safety analysis of software-intensive systems are being adapted to also provide security assurance. Extensions have been proposed to reflect the specific nature of security analysis by introducing intention as a causal factor to reaching unsafe state of the system, or by introducing new layers in the system modelling to model its surface of attack.
To address security concerns, a major change was introduced to the OCaml language and compiler wh... more To address security concerns, a major change was introduced to the OCaml language and compiler which made strings immutable and introduced array of bytes as replacement for mutable strings. The change is progressively being pushed so that ultimately strings will be immutable. We have investigated the way OCaml package developers undertook the change. In this paper we report on a preliminary observation of software code from the main OCaml package management system. For this purpose we instrumented versions of the OCaml compiler to get precise information into the uptake of safe strings. 2012 ACM Subject Classification Software and its engineering → Software evolution
Proceedings of the International Seminar on Safety and Security of Autonomous Vessels (ISSAV) and European STAMP Workshop and Conference (ESWC) 2019, 2020
Version Control Systems (VCS) are increasingly used for software education. However they are ofte... more Version Control Systems (VCS) are increasingly used for software education. However they are often used independently of generalpurpose Learning Management Systems (LMS), leading to poor user experiences and data fragmentation. This paper presents a high level programming framework that integrates the Canvas LMS and the GitLab VCS. Eight use case applications are implemented with it, motivated by related work, educator and student surveys we conducted, and our early experience of using GitLab for software education. The framework semi-automates feedback loops, improves the overall user experience for students and educators and reduces administrative time-saving educators up to 16.7 hours in a 12 week semester. The components of our framework are open source for learning technologists to develop their own use cases. CCS CONCEPTS • Applied computing → Learning management systems; Learning management systems; • Social and professional topics → Computer engineering education; • Software and its engineering → Requirements analysis; Software configuration management and version control systems.
arXiv (Cornell University), Aug 13, 2020
Approaches to the safety analysis of software-intensive systems are being adapted to also provide... more Approaches to the safety analysis of software-intensive systems are being adapted to also provide security assurance. Extensions have been proposed to reflect the specific nature of security analysis by introducing intention as a causal factor to reaching unsafe state of the system, or by introducing new layers in the system modelling to model its surface of attack. In this paper we propose to extend these approaches by modelling the attacks perspective alongside the system. We explain how such modelling could be used to verify the coverage of the security analysis and facilitate its maintenance.
Peer feedback has been shown to benefit students’ learning as it develops their critical thinking... more Peer feedback has been shown to benefit students’ learning as it develops their critical thinking and provides more immediate feedback. It relies on the analysis by students of their peers’ work following structured criteria. We propose to apply the same principle to programming courses but in doing so by using techniques of software evaluation: software testing. Students run tests on their peers’ code and engage in peer feedback discussions on the results of the test runs. In this paper we present a testing-based code peer feedback learning activity, we describe its technical framework and integration with GitLab, and we discuss its deployment in an undergraduate course and initial evaluation.
Electronic proceedings in theoretical computer science, Apr 26, 2014
Forensic Science International: Digital Investigation, Oct 1, 2022
Lecture Notes in Computer Science, 2020
Mixer services purportedly remove all connections between the input (deposited) Bitcoins and the ... more Mixer services purportedly remove all connections between the input (deposited) Bitcoins and the output (withdrawn) mixed Bitcoins, seemingly rendering taint analysis tracking ineffectual. In this paper, we introduce and explore a novel tracking strategy, called Address Taint Analysis, that adapts from existing transaction-based taint analysis techniques for tracking Bitcoins that have passed through a mixer service. We also investigate the potential of combining address taint analysis with address clustering and backward tainting. We further introduce a set of filtering criteria that reduce the number of false-positive results based on the characteristics of withdrawn transactions and evaluate our solution with verifiable mixing transactions of nine mixer services from previous reverse-engineering studies. Our findings show that it is possible to track the mixed Bitcoins from the deposited Bitcoins using address taint analysis and the number of potential transaction outputs can be significantly reduced with the filtering criteria.
arXiv (Cornell University), Aug 13, 2020
As part of formative and summative assessments in programming courses, students work on developin... more As part of formative and summative assessments in programming courses, students work on developing programming artifacts following a given specification. These artifacts are evaluated by the teachers. At the end of this evaluation, the students receive feedback and marks. Providing feedback on programming artifacts is time demanding and could make feedback to arrive too late for it to be effective for the students' learning. We propose to combine software testing with peer feedback which has been praised for offering a timely and effective learning activity with program testing. In this paper we report on the development of a Web platform for peer feedback on programming artifacts through program testing. We discuss the development process of our peer-testing platform informed by teachers and students. CCS Concepts • Social and professional topics → Software engineering education; Computer science education; • Software and its engineering → Software testing and debugging; • Applied computing → Collaborative learning;
2022 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)
EICC 2022: Proccedings of the European Interdisciplinary Cybersecurity Conference
2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)
2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 2020
United Kingdom & Ireland Computing Education Research conference., 2020
Peer feedback has been shown to benefit students’ learning as it develops their critical thinking... more Peer feedback has been shown to benefit students’ learning as it develops their critical thinking and provides more immediate feedback. It relies on the analysis by students of their peers’ work following structured criteria. We propose to apply the same principle to programming courses but in doing so by using techniques of software evaluation: software testing. Students run tests on their peers’ code and engage in peer feedback discussions on the results of the test runs. In this paper we present a testing-based code peer feedback learning activity, we describe its technical framework and integration with GitLab, and we discuss its deployment in an undergraduate course and initial evaluation.
Lecture Notes in Computer Science, 2019
Approaches to the safety analysis of software-intensive systems are being adapted to also provide... more Approaches to the safety analysis of software-intensive systems are being adapted to also provide security assurance. Extensions have been proposed to reflect the specific nature of security analysis by introducing intention as a causal factor to reaching unsafe state of the system, or by introducing new layers in the system modelling to model its surface of attack.
To address security concerns, a major change was introduced to the OCaml language and compiler wh... more To address security concerns, a major change was introduced to the OCaml language and compiler which made strings immutable and introduced array of bytes as replacement for mutable strings. The change is progressively being pushed so that ultimately strings will be immutable. We have investigated the way OCaml package developers undertook the change. In this paper we report on a preliminary observation of software code from the main OCaml package management system. For this purpose we instrumented versions of the OCaml compiler to get precise information into the uptake of safe strings. 2012 ACM Subject Classification Software and its engineering → Software evolution
Proceedings of the International Seminar on Safety and Security of Autonomous Vessels (ISSAV) and European STAMP Workshop and Conference (ESWC) 2019, 2020